urlscan.io logo urlscan.io
SecurityTrails logo

www.shefinds.com Open in urlscan Pro
2606:4700:10::6816:4f8f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shefinds.com/
Effective URL: https://www.shefinds.com/
Submission: On September 04 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 200 IPs in 14 countries across 190 domains to perform 1117 HTTP transactions. The main IP is 2606:4700:10::6816:4f8f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.shefinds.com. The Cisco Umbrella rank of the primary domain is 121030.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 26th 2022. Valid for: a year.
This is the only time www.shefinds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 71 2606:4700:10:... 13335 (CLOUDFLAR...)
6 151.101.194.207 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 151.101.129.91 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
3 13.225.214.43 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
33 199.232.197.131 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
6 18.164.101.60 16509 (AMAZON-02)
3 54.192.161.188 16509 (AMAZON-02)
1 108.139.47.108 16509 (AMAZON-02)
6 54.166.159.80 14618 (AMAZON-AES)
5 2a03:2880:f00... 32934 (FACEBOOK)
1 18.164.116.73 16509 (AMAZON-02)
1 108.138.106.124 16509 (AMAZON-02)
1 34.102.147.248 396982 (GOOGLE-CL...)
1 4 2600:9000:220... 16509 (AMAZON-02)
5 7 2620:116:800b... 14618 (AMAZON-AES)
1 151.101.193.91 54113 (FASTLY)
3 18.164.131.14 16509 (AMAZON-02)
3 52.21.15.216 14618 (AMAZON-AES)
6 34.239.25.47 14618 (AMAZON-AES)
2 151.101.194.217 54113 (FASTLY)
3 52.46.154.149 16509 (AMAZON-02)
4 184.73.5.153 14618 (AMAZON-AES)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:246... 16509 (AMAZON-02)
1 18.164.96.46 16509 (AMAZON-02)
10 54.230.163.71 16509 (AMAZON-02)
1 13.35.93.71 16509 (AMAZON-02)
5 104.18.38.76 13335 (CLOUDFLAR...)
1 2600:9000:210... 16509 (AMAZON-02)
2 104.19.150.54 13335 (CLOUDFLAR...)
2 19 2607:f8b0:400... 15169 (GOOGLE)
1 3 18.173.219.40 16509 (AMAZON-02)
1 2600:9000:21d... 16509 (AMAZON-02)
3 108.138.107.138 16509 (AMAZON-02)
7 2a03:2880:f10... 32934 (FACEBOOK)
1 20.40.202.0 8075 (MICROSOFT...)
30 31 52.223.40.198 16509 (AMAZON-02)
1 107.23.63.94 14618 (AMAZON-AES)
2 34.120.155.137 396982 (GOOGLE-CL...)
1 52.204.63.111 14618 (AMAZON-AES)
1 18.164.96.54 16509 (AMAZON-02)
3 52.94.225.95 16509 (AMAZON-02)
1 13.35.93.23 16509 (AMAZON-02)
1 52.73.128.118 14618 (AMAZON-AES)
1 5 52.201.46.70 14618 (AMAZON-AES)
1 2600:9000:246... 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
28 43 68.67.179.166 29990 (ASN-APPNEX)
2 3.16.120.123 16509 (AMAZON-02)
1 2600:9000:26f... 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3.236.169.110 14618 (AMAZON-AES)
7 34.107.254.252 396982 (GOOGLE-CL...)
1 23.23.220.154 14618 (AMAZON-AES)
2 18.164.107.227 16509 (AMAZON-02)
1 18.165.9.13 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2 2607:f8b0:400... 15169 (GOOGLE)
21 69.173.151.96 26667 (RUBICONPR...)
3 44.217.4.96 14618 (AMAZON-AES)
4 2602:803:c002... 26667 (RUBICONPR...)
5 54.86.12.53 14618 (AMAZON-AES)
4 172.64.148.101 13335 (CLOUDFLAR...)
1 108.138.128.63 16509 (AMAZON-02)
2 52.86.112.232 14618 (AMAZON-AES)
5 52.4.33.45 14618 (AMAZON-AES)
21 34.149.50.64 15169 (GOOGLE)
1 34.232.59.64 14618 (AMAZON-AES)
7 15 147.28.146.89 54825 (PACKET)
1 2620:100:a001... 19750 (AS-CRITEO)
7 10 63.251.114.137 32475 (SINGLEHOP...)
2 199.250.161.129 26459 (TTD-ASN-01)
1 104.104.103.253 16625 (AKAMAI-AS)
2 108.138.128.28 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 162.19.138.82 16276 (OVH)
8 63 192.40.36.238 27381 (CASALE-MEDIA)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
3 6 52.203.22.13 14618 (AMAZON-AES)
1 35 52.46.151.131 16509 (AMAZON-02)
34 43 172.253.63.154 15169 (GOOGLE)
1 1 34.160.19.107 15169 (GOOGLE)
1 7 38.98.139.150 26558 (FREEWHEEL)
9 9 185.167.164.37 198622 (ADFORM)
3 2620:100:a001::4 19750 (AS-CRITEO)
1 2600:9000:246... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
13 17 8.28.7.83 62713 (AS-PUBMATIC)
18 21 69.173.151.100 26667 (RUBICONPR...)
11 16 34.111.113.62 396982 (GOOGLE-CL...)
5 6 216.22.16.8 30633 (LEASEWEB-...)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
4 5 69.166.1.35 27630 (AS-XFERNET)
36 42 141.95.33.111 16276 (OVH)
37 40 199.127.204.142 26120 (RHYTHMONE)
13 13 2620:112:f002... 6336 (TURN-US-ASN)
2 4 34.197.26.74 14618 (AMAZON-AES)
2 2 23.215.40.23 16625 (AKAMAI-AS)
5 5 2600:9000:220... 16509 (AMAZON-02)
14 51.222.39.186 16276 (OVH)
7 7 35.194.66.159 396982 (GOOGLE-CL...)
6 9 3.215.203.164 14618 (AMAZON-AES)
1 2600:9000:251... 16509 (AMAZON-02)
7 44.207.99.201 14618 (AMAZON-AES)
6 80.77.87.162 46636 (NATCOWEB)
11 31 35.244.159.8 15169 (GOOGLE)
7 8 23.105.12.170 30633 (LEASEWEB-...)
18 18 2606:ae80:147... 25751 (VALUECLICK)
2 2600:9000:251... 16509 (AMAZON-02)
13 23.203.25.11 16625 (AKAMAI-AS)
1 3.225.45.118 14618 (AMAZON-AES)
30 23.220.121.87 16625 (AKAMAI-AS)
8 11 198.148.27.131 19189 (PULSEPOINT)
19 20 3.225.218.10 14618 (AMAZON-AES)
5 9 72.251.238.254 32475 (SINGLEHOP...)
45 3.221.79.249 14618 (AMAZON-AES)
11 51 52.223.22.214 16509 (AMAZON-02)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
2 3 52.71.215.87 14618 (AMAZON-AES)
5 14 2600:1f18:4e9... 14618 (AMAZON-AES)
2 37 3.214.33.241 14618 (AMAZON-AES)
42 42 35.211.178.172 15169 (GOOGLE)
1 1 131.153.148.3 19437 (SS-ASH)
6 8 64.202.112.31 22075 (AS-OUTBRAIN)
5 5 74.119.119.150 19750 (AS-CRITEO)
8 12 52.55.40.211 14618 (AMAZON-AES)
12 12 54.146.97.31 14618 (AMAZON-AES)
5 6 8.18.47.7 398989 (DEEPINTENT)
16 16 64.74.236.31 19024 (INTERNAP-...)
9 13 23.219.8.236 16625 (AKAMAI-AS)
8 8 34.201.248.15 14618 (AMAZON-AES)
7 8 151.101.2.49 54113 (FASTLY)
2 2 202.241.208.56 4694 (IDCF IDC ...)
27 32 162.248.18.32 62713 (AS-PUBMATIC)
2 11 8.28.7.84 62713 (AS-PUBMATIC)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
12 12 104.127.172.242 16625 (AKAMAI-AS)
31 31 67.202.105.24 32748 (STEADFAST)
3 23.220.120.23 16625 (AKAMAI-AS)
3 3 2603:c020:400... 31898 (ORACLE-BM...)
7 7 18.235.85.213 14618 (AMAZON-AES)
1 19 195.244.31.10 63140 (IGUANA-WO...)
3 3 52.4.169.33 14618 (AMAZON-AES)
3 3 37.157.6.232 198622 (ADFORM)
3 4 35.186.253.211 15169 (GOOGLE)
6 6 96.46.186.57 7979 (SERVERS-COM)
4 4 204.62.13.72 46636 (NATCOWEB)
3 3 35.207.24.140 15169 (GOOGLE)
1 74.119.119.139 19750 (AS-CRITEO)
16 18.164.96.50 16509 (AMAZON-02)
12 12 207.198.113.203 13768 (COGECO-PEER1)
2 23.221.12.2 16625 (AKAMAI-AS)
3 9 52.5.117.77 14618 (AMAZON-AES)
5 10 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 5 2620:1ec:21::14 8068 (MICROSOFT...)
2 3.215.94.1 14618 (AMAZON-AES)
15 15 54.158.15.5 14618 (AMAZON-AES)
2 2 52.43.171.21 16509 (AMAZON-02)
4 9 104.36.115.113 62713 (AS-PUBMATIC)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 3 74.121.140.211 30419 (MEDIAMATH...)
1 162.248.18.10 62713 (AS-PUBMATIC)
1 1 3.221.48.93 14618 (AMAZON-AES)
1 67.220.228.203 16509 (AMAZON-02)
1 40.76.134.238 8075 (MICROSOFT...)
15 28 162.248.18.37 62713 (AS-PUBMATIC)
3 3 54.174.208.173 14618 (AMAZON-AES)
5 5 199.38.167.131 54312 (ROCKETFUEL)
14 44.228.95.230 16509 (AMAZON-02)
1 18.165.26.102 16509 (AMAZON-02)
1 35.241.45.217 15169 (GOOGLE)
2 13 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2600:9000:246... 16509 (AMAZON-02)
1 2 34.102.243.38 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
9 2600:1f13:800... 16509 (AMAZON-02)
4 172.253.122.156 15169 (GOOGLE)
3 151.101.65.108 54113 (FASTLY)
1 104.18.111.252 13335 (CLOUDFLAR...)
3 3 178.250.7.11 44788 (ASN-CRITE...)
2 2 35.211.118.13 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.190.90.30 15169 (GOOGLE)
20 35.236.200.4 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2 52.23.107.16 14618 (AMAZON-AES)
3 2600:1408:c40... 20940 (AKAMAI-ASN1)
6 14 162.55.236.224 24940 (HETZNER-AS)
1 5 67.202.105.33 32748 (STEADFAST)
3 3 35.210.53.219 19527 (GOOGLE-2)
1 1 47.252.78.131 45102 (ALIBABA-C...)
3 3 82.145.213.8 39832 (NO-OPERA)
2 2 34.96.71.22 396982 (GOOGLE-CL...)
6 6 173.231.178.83 32475 (SINGLEHOP...)
4 4 52.86.45.136 14618 (AMAZON-AES)
3 172.64.149.180 13335 (CLOUDFLAR...)
1 1 172.105.235.90 63949 (AKAMAI-LI...)
1 18.164.96.6 16509 (AMAZON-02)
1 1 172.67.10.198 13335 (CLOUDFLAR...)
1 1 34.230.226.68 14618 (AMAZON-AES)
2 2 192.132.33.46 18568 (BIDTELLECT)
5 2600:1f18:61c... 14618 (AMAZON-AES)
2 4 34.193.131.34 14618 (AMAZON-AES)
5 174.137.133.32 27257 (WEBAIR-IN...)
1 2607:4f00:946::2 55081 (24SHELLS)
1 3 23.105.12.173 30633 (LEASEWEB-...)
1 2 34.233.10.41 14618 (AMAZON-AES)
1 52.4.119.35 14618 (AMAZON-AES)
2 2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 54.71.6.251 16509 (AMAZON-02)
1 2 38.98.69.175 174 (COGENT-174)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
21 34.117.239.71 396982 (GOOGLE-CL...)
24 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 213.19.162.80 3356 (LEVEL3)
2 6 23.227.139.243 55081 (24SHELLS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 8.28.7.105 62713 (AS-PUBMATIC)
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 52.201.5.219 14618 (AMAZON-AES)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 141.226.224.48 200478 (TABOOLA-AS)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
3 5 107.23.73.10 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 1 54.204.10.18 14618 (AMAZON-AES)
2 13.225.214.84 16509 (AMAZON-02)
2 34.205.113.183 14618 (AMAZON-AES)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
2 2 69.90.254.78 13768 (COGECO-PEER1)
1 1 172.104.64.149 63949 (AKAMAI-LI...)
1 34.240.222.243 16509 (AMAZON-02)
1 1 185.184.10.30 203690 (RTB-HOUSE...)
1 35.186.193.173 15169 (GOOGLE)
1 1 20.85.134.6 8075 (MICROSOFT...)
1 23.88.86.2 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
2 2 184.86.146.172 16625 (AKAMAI-AS)
1 2 34.204.212.37 14618 (AMAZON-AES)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 188.166.17.21 14061 (DIGITALOC...)
3 4 44.206.88.126 14618 (AMAZON-AES)
3 3 141.94.171.215 16276 (OVH)
1 1 2600:1f18:765... 14618 (AMAZON-AES)
1 1 8.2.110.206 46636 (NATCOWEB)
5 23.200.0.13 ()
1 2600:1408:c40... ()
7 3.227.84.17 ()
1 2 142.251.163.148 ()
1117 200
71    2606:4700:10::6816:4f8f (United States)

ASN13335 (CLOUDFLARENET, US)
shefinds.com
www.shefinds.com
6    151.101.194.207 (United States)

ASN54113 (FASTLY, US)
bc.marfeelcache.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    151.101.129.91 (United States)

ASN54113 (FASTLY, US)
cloud.typenetwork.com
3    2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    13.225.214.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-43.ewr50.r.cloudfront.net
cdn.boomtrain.com
2    2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
33    199.232.197.131 (United States)

ASN54113 (FASTLY, US)
ads.blogherads.com
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
5    2606:4700::6813:d383 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
6    18.164.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-101-60.jfk50.r.cloudfront.net
cdn.parsely.com
3    54.192.161.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-161-188.ewr53.r.cloudfront.net
z-na.amazon-adsystem.com
1    108.139.47.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-108.jfk50.r.cloudfront.net
widget.sellwild.com
6    54.166.159.80 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-159-80.compute-1.amazonaws.com
people.api.boomtrain.com
5    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.164.116.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-73.jfk50.r.cloudfront.net
static.bam-x.com
1    108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net
static.hotjar.com
1    34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com
intljs.rmtag.com
4    2600:9000:2209:7200:e:ec66:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.keywee.co
7    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    151.101.193.91 (United States)

ASN54113 (FASTLY, US)
fastly-cloud.typenetwork.com
3    18.164.131.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-131-14.jfk50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
3    52.21.15.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-15-216.compute-1.amazonaws.com
onsite.boomtrain.net
6    34.239.25.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-25-47.compute-1.amazonaws.com
srv-2023-09-04-02.pixel.parsely.com
2    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
ads.shemedia.com
3    52.46.154.149 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
4    184.73.5.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-5-153.compute-1.amazonaws.com
events.release.narrativ.com
6    2607:f8b0:4004:c17::71 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:246d:b000:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
1    18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net
script.hotjar.com
10    54.230.163.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-71.ewr53.r.cloudfront.net
tagan.adlightning.com
1    13.35.93.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-71.jfk50.r.cloudfront.net
cdn.adsafeprotected.com
5    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    2600:9000:210b:f200:1b:9b08:7f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.rhombusads.com
2    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
19    2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
pagead2.googlesyndication.com
3    18.173.219.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-40.jfk52.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:21dd:4e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
7    2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lightboxapi.azurewebsites.net
31    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    107.23.63.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-63-94.compute-1.amazonaws.com
id.sv.rkdms.com
2    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    52.204.63.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-63-111.compute-1.amazonaws.com
idx.liadm.com
1    18.164.96.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-54.jfk50.r.cloudfront.net
vc.hotjar.io
3    52.94.225.95 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
fls-na.amazon-adsystem.com
1    13.35.93.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-23.jfk50.r.cloudfront.net
ats.rlcdn.com
1    52.73.128.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-128-118.compute-1.amazonaws.com
async01.admantx.com
5    52.201.46.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-46-70.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    2600:9000:246d:7a00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co
43    68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    3.16.120.123 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-120-123.us-east-2.compute.amazonaws.com
socialcanvas-api.kargo.com
1    2600:9000:26fa:f400:13:6a46:aa00:93a1 (United States)

ASN16509 (AMAZON-02, US)
socialcanvas-cdn.kargo.com
2    2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    3.236.169.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-110.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
7    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    23.23.220.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-220-154.compute-1.amazonaws.com
pixel.keywee.co
2    18.164.107.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-107-227.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
1    18.165.9.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-9-13.pit50.r.cloudfront.net
geo.privacymanager.io
1    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c1b::6a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
21    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
3    44.217.4.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-4-96.compute-1.amazonaws.com
pre.ads.justpremium.com
match.justpremium.com
4    2602:803:c002:300::98 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    54.86.12.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-12-53.compute-1.amazonaws.com
g2.gumgum.com
4    172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
r.casalemedia.com
1    108.138.128.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-63.jfk50.r.cloudfront.net
hb.undertone.com
2    52.86.112.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-112-232.compute-1.amazonaws.com
krk.kargo.com
5    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
21    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    34.232.59.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-59-64.compute-1.amazonaws.com
tlx.3lift.com
15    147.28.146.89 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
10    63.251.114.137 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)
direct.adsrvr.org
1    104.104.103.253 (Billerica, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-104-103-253.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net
tags.crwdcntrl.net
2    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
63    192.40.36.238 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
6    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
p.ad.gt
pixels.ad.gt
6    52.203.22.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-22-13.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
35    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
43    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
cm.g.doubleclick.net
1    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
7    38.98.139.150 (Chicago, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
9    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
3    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    2600:9000:246d:ee00:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
3    2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)
892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
11    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
ids.ad.gt
17    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
21    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
16    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
6    216.22.16.8 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
2    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
5    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
42    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
40    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
13    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    34.197.26.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-26-74.compute-1.amazonaws.com
ads.yieldmo.com
2    23.215.40.23 (McAllen, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-40-23.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
5    2600:9000:2209:5400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
14    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
7    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
9    3.215.203.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-203-164.compute-1.amazonaws.com
rtb.gumgum.com
1    2600:9000:2514:3600:17:c484:6380:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-tam.minutemedia-prebid.com
7    44.207.99.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-99-201.compute-1.amazonaws.com
sync.bfmio.com
6    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
31    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
eu-u.openx.net
8    23.105.12.170 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
18    2606:ae80:1471:1b::1690 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
casale-match.dotomi.com
pulsepoint-match.dotomi.com
pubmatic-match.dotomi.com
33across-match.dotomi.com
triplelift-match.dotomi.com
2    2600:9000:2511:ee00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
13    23.203.25.11 (Dallas, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-25-11.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    3.225.45.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-45-118.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
30    23.220.121.87 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-121-87.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
11    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
20    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
9    72.251.238.254 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
45    3.221.79.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-79-249.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
cs.minutemedia-prebid.com
51    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
3    52.71.215.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-215-87.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
14    2600:1f18:4e9:5a05:92c5:57a0:36d6:5a53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
37    3.214.33.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-33-241.compute-1.amazonaws.com
usersync.gumgum.com
42    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    131.153.148.3 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
8    64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
5    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
12    52.55.40.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-40-211.compute-1.amazonaws.com
sync.srv.stackadapt.com
12    54.146.97.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-97-31.compute-1.amazonaws.com
sync.ipredictive.com
6    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
16    64.74.236.31 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
13    23.219.8.236 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-8-236.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
8    34.201.248.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-248-15.compute-1.amazonaws.com
ad.360yield.com
ice.360yield.com
8    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
32    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
11    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
12    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
31    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
3    23.220.120.23 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-120-23.deploy.static.akamaitechnologies.com
contextual.media.net
3    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
7    18.235.85.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-85-213.compute-1.amazonaws.com
match.sharethrough.com
19    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
visitor-usa02.omnitagjs.com
3    52.4.169.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-169-33.compute-1.amazonaws.com
ssp.disqus.com
3    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
6    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
16    18.164.96.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-50.jfk50.r.cloudfront.net
usr.undertone.com
12    207.198.113.203 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    23.221.12.2 (Montreal, Canada)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-12-2.deploy.static.akamaitechnologies.com
cw.addthis.com
9    52.5.117.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-117-77.compute-1.amazonaws.com
dpm.demdex.net
10    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    3.215.94.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-94-1.compute-1.amazonaws.com
beacon.krxd.net
15    54.158.15.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-15-5.compute-1.amazonaws.com
match.prod.bidr.io
2    52.43.171.21 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-171-21.us-west-2.compute.amazonaws.com
www.storygize.net
9    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    3.221.48.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-48-93.compute-1.amazonaws.com
um4.eqads.com
1    67.220.228.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
28    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    54.174.208.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-208-173.compute-1.amazonaws.com
ads.avct.cloud
5    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
14    44.228.95.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-95-230.us-west-2.compute.amazonaws.com
collector.sheknows.com
1    18.165.26.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-26-102.pit50.r.cloudfront.net
d3r7h55ola878c.cloudfront.net
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
13    2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2600:9000:246c:d800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
pandg.tapad.com
1    2607:f8b0:4004:c19::84 (Washington, United States)

ASN15169 (GOOGLE, US)
lh6.googleusercontent.com
1    2607:f8b0:4004:c08::8b (Ashburn, United States)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
6    2607:f8b0:4004:c19::8b (Washington, United States)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
1    2607:f8b0:4004:c08::8a (Ashburn, United States)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
3    2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pubads.g.doubleclick.net
2    2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2600:1f13:800:7782:dd1:ab44:ba2a:c71f (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
4    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
www.googleadservices.com
3    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    104.18.111.252 (None, )

ASN13335 (CLOUDFLARENET, US)
cs.seedtag.com
3    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
2    35.211.118.13 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    2606:4700::6813:9f13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
1    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
20    35.236.200.4 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.200.236.35.bc.googleusercontent.com
ssp.api.tappx.com
2    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    52.23.107.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-107-16.compute-1.amazonaws.com
ads.creative-serving.com
3    2600:1408:c400:59::17d5:9e14 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
14    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
5    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
3    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
3    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
6    173.231.178.83 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
4    52.86.45.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-45-136.compute-1.amazonaws.com
pm.w55c.net
3    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    172.105.235.90 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1889-90.members.linode.com
s.c.appier.net
1    18.164.96.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-6.jfk50.r.cloudfront.net
api-2-0.spot.im
1    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
1    34.230.226.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-226-68.compute-1.amazonaws.com
jadserve.postrelease.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
5    2600:1f18:61c0:2204:330d:d91c:ff43:9dc5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
4    34.193.131.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-131-34.compute-1.amazonaws.com
rtb.adentifi.com
5    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
1    2607:4f00:946::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.spotim.market
3    23.105.12.173 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
2    34.233.10.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-10-41.compute-1.amazonaws.com
thrtle.com
1    52.4.119.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-119-35.compute-1.amazonaws.com
crb.kargo.com
2    2606:4700:20::681a:832 (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
2    54.71.6.251 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-6-251.us-west-2.compute.amazonaws.com
a.usbrowserspeed.com
2    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    2600:1408:c400:8::17cd:680d (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
1    2607:f8b0:4004:c07::95 (Washington, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
21    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
cms-xch-chicago.33across.com
24    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
2    213.19.162.80 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
6    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
sync.adtelligent.com
1    2606:4700:3031::6815:29fd (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
1    8.28.7.105 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
1    2606:4700:4400::ac40:97ee (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    52.201.5.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-5-219.compute-1.amazonaws.com
aorta.clickagy.com
2    2604:9e00:1:129::2:a01 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.marketiq.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
5    107.23.73.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-73-10.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:ed:550a:4bc9:ac6a:bf5b:3f86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    54.204.10.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-10-18.compute-1.amazonaws.com
i.w55c.net
2    13.225.214.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-84.ewr50.r.cloudfront.net
aa.agkn.com
2    34.205.113.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-113-183.compute-1.amazonaws.com
bpi.rtactivate.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    172.104.64.149 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1674-149.members.linode.com
gocm.c.appier.net
1    34.240.222.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-222-243.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    20.85.134.6 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    184.86.146.172 (Eden Prairie, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-146-172.deploy.static.akamaitechnologies.com
px.owneriq.net
2    34.204.212.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-212-37.compute-1.amazonaws.com
io.narrative.io
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    44.206.88.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-88-126.compute-1.amazonaws.com
a.audrte.com
3    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
1    2600:1f18:765:4800:7681:18d0:4c60:ba77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pxl.iqm.com
1    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
5    23.200.0.13 (None, )

ASN- ()
clipcentric-a.akamaihd.net
1    2600:1408:c400:1885::1ec4 (None, )

ASN- ()
secure.insightexpressai.com
7    3.227.84.17 (None, )

ASN- ()
tr.clipcentric.com
2    142.251.163.148 (None, )

ASN- ()
ad.doubleclick.net
Apex Domain
Subdomains		 Transfer
112 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 895
ads.pubmatic.com — Cisco Umbrella Rank: 513
image8.pubmatic.com — Cisco Umbrella Rank: 653
image4.pubmatic.com — Cisco Umbrella Rank: 1151
image6.pubmatic.com — Cisco Umbrella Rank: 752
aud.pubmatic.com — Cisco Umbrella Rank: 16994
simage2.pubmatic.com — Cisco Umbrella Rank: 794
simage4.pubmatic.com — Cisco Umbrella Rank: 1267
ow.pubmatic.com — Cisco Umbrella Rank: 1760
119 KB
90 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 811
fastlane.rubiconproject.com — Cisco Umbrella Rank: 510
token.rubiconproject.com — Cisco Umbrella Rank: 597
eus.rubiconproject.com — Cisco Umbrella Rank: 593
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036
pixel.rubiconproject.com — Cisco Umbrella Rank: 366
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1110
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2179
208 KB
71 shefinds.com
shefinds.com — Cisco Umbrella Rank: 120631
www.shefinds.com — Cisco Umbrella Rank: 121030
4 MB
67 casalemedia.com
as-sec.casalemedia.com Failed
htlb.casalemedia.com — Cisco Umbrella Rank: 567
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1377
ssum.casalemedia.com — Cisco Umbrella Rank: 1340
r.casalemedia.com — Cisco Umbrella Rank: 1668
60 KB
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
pubads.g.doubleclick.net — Cisco Umbrella Rank: 421
ad.doubleclick.net
242 KB
52 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1064
events-ssc.33across.com — Cisco Umbrella Rank: 2095
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 5061
20 KB
52 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 583
eb2.3lift.com — Cisco Umbrella Rank: 388
26 KB
51 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1524
rtb.gumgum.com — Cisco Umbrella Rank: 1500
usersync.gumgum.com — Cisco Umbrella Rank: 1853
19 KB
50 amazon-adsystem.com
z-na.amazon-adsystem.com — Cisco Umbrella Rank: 8477
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 915
c.amazon-adsystem.com — Cisco Umbrella Rank: 327
fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 7882
aax.amazon-adsystem.com — Cisco Umbrella Rank: 404
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1076
61 KB
46 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
secure.adnxs.com — Cisco Umbrella Rank: 450
acdn.adnxs.com — Cisco Umbrella Rank: 578
84 KB
44 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 342
r.bidswitch.net — Cisco Umbrella Rank: 6090
20 KB
44 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 755
id5-sync.com — Cisco Umbrella Rank: 400
117 KB
37 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1973
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451
26 KB
35 openx.net
u.openx.net — Cisco Umbrella Rank: 670
us-u.openx.net — Cisco Umbrella Rank: 478
rtb.openx.net — Cisco Umbrella Rank: 751
eu-u.openx.net — Cisco Umbrella Rank: 2529
5 KB
33 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
direct.adsrvr.org — Cisco Umbrella Rank: 3526
19 KB
33 blogherads.com
ads.blogherads.com — Cisco Umbrella Rank: 14927
764 KB
29 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 561
19 KB
24 quantumdex.io
sync.quantumdex.io — Cisco Umbrella Rank: 2704
4 KB
24 minutemedia-prebid.com
cs-tam.minutemedia-prebid.com — Cisco Umbrella Rank: 8256
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 3806
12 KB
22 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2190
cs.yellowblue.io — Cisco Umbrella Rank: 2392
12 KB
22 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 4532
cs.seedtag.com — Cisco Umbrella Rank: 11592
17 KB
20 tappx.com
ssp.api.tappx.com — Cisco Umbrella Rank: 4031
11 KB
20 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1345
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6101
ssbsync.smartadserver.com — Cisco Umbrella Rank: 777
csync.smartadserver.com — Cisco Umbrella Rank: 3414
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 682
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1578
27 KB
20 googlesyndication.com
892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
263 KB
20 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3516
pixel.adsafeprotected.com — Cisco Umbrella Rank: 739
static.adsafeprotected.com — Cisco Umbrella Rank: 607
dt.adsafeprotected.com — Cisco Umbrella Rank: 579
226 KB
19 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 944
visitor-usa02.omnitagjs.com — Cisco Umbrella Rank: 25444
5 KB
19 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 659
ce.lijit.com — Cisco Umbrella Rank: 857
16 KB
19 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3720
cdn.undertone.com — Cisco Umbrella Rank: 3447
usr.undertone.com — Cisco Umbrella Rank: 2319
13 KB
18 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4956
casale-match.dotomi.com — Cisco Umbrella Rank: 2949
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 7135
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3398
33across-match.dotomi.com — Cisco Umbrella Rank: 3384
triplelift-match.dotomi.com — Cisco Umbrella Rank: 3748
6 KB
17 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 473
pandg.tapad.com — Cisco Umbrella Rank: 2374
3 KB
17 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1772
a.ad.gt — Cisco Umbrella Rank: 2369
p.ad.gt — Cisco Umbrella Rank: 2749
ids.ad.gt — Cisco Umbrella Rank: 1563
pixels.ad.gt — Cisco Umbrella Rank: 2553
17 KB
17 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 880
assets.a-mo.net — Cisco Umbrella Rank: 1725
11 KB
16 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 546
10 KB
15 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 564
7 KB
15 turn.com
d.turn.com — Cisco Umbrella Rank: 1356
ad.turn.com — Cisco Umbrella Rank: 834
7 KB
14 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1819
5 KB
14 sheknows.com
collector.sheknows.com — Cisco Umbrella Rank: 17498
1 KB
14 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 736
11 KB
13 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 584
tags.bluekai.com — Cisco Umbrella Rank: 631
5 KB
13 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1043
ats.rlcdn.com — Cisco Umbrella Rank: 3550
idsync.rlcdn.com — Cisco Umbrella Rank: 395
id.rlcdn.com — Cisco Umbrella Rank: 740
79 KB
12 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 706
8 KB
12 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 925
6 KB
12 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 716
5 KB
12 adform.net
c1.adform.net — Cisco Umbrella Rank: 591
cm.adform.net — Cisco Umbrella Rank: 1198
dmp.adform.net — Cisco Umbrella Rank: 3237
6 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 767
gum.criteo.com — Cisco Umbrella Rank: 426
dis.criteo.com — Cisco Umbrella Rank: 596
mug.criteo.com — Cisco Umbrella Rank: 2631
dis.eu.criteo.com — Cisco Umbrella Rank: 6713
11 KB
12 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2946
srv-2023-09-04-02.pixel.parsely.com
113 KB
11 gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
fonts.gstatic.com
csi.gstatic.com Failed
221 KB
11 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 551
10 KB
11 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1239
6 KB
10 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2033
288 KB
9 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 223
8 KB
9 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2877
api.permutive.com — Cisco Umbrella Rank: 2160
486 KB
9 boomtrain.com
cdn.boomtrain.com — Cisco Umbrella Rank: 5326
people.api.boomtrain.com — Cisco Umbrella Rank: 5681
69 KB
8 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 692
2 KB
8 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 701
ice.360yield.com — Cisco Umbrella Rank: 2062
3 KB
8 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 778
3 KB
8 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 809
bcp.crwdcntrl.net — Cisco Umbrella Rank: 776
sync.crwdcntrl.net — Cisco Umbrella Rank: 795
25 KB
8 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1556
32 KB
7 clipcentric.com
tr.clipcentric.com
953 B
7 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 558
2 KB
7 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1567
4 KB
7 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 791
3 KB
7 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 537
4 KB
7 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2283
i.liadm.com — Cisco Umbrella Rank: 623
i6.liadm.com — Cisco Umbrella Rank: 2522
4 KB
7 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
349 B
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1240
pixel.quantserve.com — Cisco Umbrella Rank: 928
cms.quantserve.com — Cisco Umbrella Rank: 756
12 KB
6 spotim.market
s.spotim.market — Cisco Umbrella Rank: 5110
sync.spotim.market — Cisco Umbrella Rank: 2566
3 KB
6 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1651
dsp.adkernel.com — Cisco Umbrella Rank: 5726
4 KB
6 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1395
3 KB
6 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1532
4 KB
6 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 570
us.creativecdn.com — Cisco Umbrella Rank: 2873
2 KB
6 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1052
2 KB
6 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 937
528 B
6 kargo.com
socialcanvas-api.kargo.com — Cisco Umbrella Rank: 9007
socialcanvas-cdn.kargo.com — Cisco Umbrella Rank: 9141
krk.kargo.com — Cisco Umbrella Rank: 5068
crb.kargo.com — Cisco Umbrella Rank: 1575
89 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
23 KB
6 cloudfront.net
d3ezl4ajpp2zy8.cloudfront.net Failed
d1z2jf7jlzjs58.cloudfront.net
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
d3r7h55ola878c.cloudfront.net
53 KB
6 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 368
fonts.googleapis.com — Cisco Umbrella Rank: 41
imasdk.googleapis.com — Cisco Umbrella Rank: 488
445 KB
6 marfeelcache.com
bc.marfeelcache.com — Cisco Umbrella Rank: 223605
14 KB
5 akamaihd.net
clipcentric-a.akamaihd.net
73 KB
5 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1311
901 B
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 854
i.w55c.net — Cisco Umbrella Rank: 2115
4 KB
5 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1558
hde.tynt.com — Cisco Umbrella Rank: 3819
13 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 812
4 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
2 KB
5 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 753
3 KB
5 media.net
cs.media.net — Cisco Umbrella Rank: 1454
contextual.media.net — Cisco Umbrella Rank: 666
hbx.media.net — Cisco Umbrella Rank: 1253
3 KB
5 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 677
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5276
3 KB
5 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 929
3 KB
5 keywee.co
cdn.keywee.co — Cisco Umbrella Rank: 14788
pixel.keywee.co — Cisco Umbrella Rank: 13044
34 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 169
212 KB
5 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 5810
143 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2537
3 KB
4 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1187
812 B
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 149
4 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2551
2 KB
4 narrativ.com
events.release.narrativ.com — Cisco Umbrella Rank: 8731
2 KB
4 typenetwork.com
cloud.typenetwork.com — Cisco Umbrella Rank: 29058
fastly-cloud.typenetwork.com — Cisco Umbrella Rank: 42943
72 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2967
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 805
s.tribalfusion.com — Cisco Umbrella Rank: 1949
1 KB
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1476
2 KB
3 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5311
907 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
170 KB
3 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4270
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1098
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1061
1 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1334
586 B
3 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1382
8 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1493
1 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 603
73 KB
3 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 7877
match.justpremium.com — Cisco Umbrella Rank: 3825
6 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 164
www.google.com — Cisco Umbrella Rank: 2
783 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 165
3 KB
3 boomtrain.net
onsite.boomtrain.net — Cisco Umbrella Rank: 230926
2 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1033
31 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
11 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 4036
643 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1590
1 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1278
1 KB
2 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1443
217 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 527
1 KB
2 marketiq.com
rtb2-useast.marketiq.com — Cisco Umbrella Rank: 4278
760 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4828
967 B
2 usbrowserspeed.com
a.usbrowserspeed.com — Cisco Umbrella Rank: 6839
526 B
2 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 4245
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1266
683 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 862
674 B
2 appier.net
s.c.appier.net — Cisco Umbrella Rank: 4293
gocm.c.appier.net — Cisco Umbrella Rank: 2344
812 B
2 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1506
726 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4404
1 KB
2 bing.com
c.bing.com — Cisco Umbrella Rank: 236
972 B
2 pghub.io
pghub.io — Cisco Umbrella Rank: 1976
feed.pghub.io — Cisco Umbrella Rank: 2270
6 KB
2 storygize.net
www.storygize.net — Cisco Umbrella Rank: 2362
758 B
2 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 654
675 B
2 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 2686
852 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1555
484 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1188
2 KB
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1866
19 KB
2 shemedia.com
ads.shemedia.com — Cisco Umbrella Rank: 16711
1 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
script.hotjar.com — Cisco Umbrella Rank: 906
59 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
157 KB
1 insightexpressai.com
secure.insightexpressai.com
2 KB
1 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 3013
540 B
1 iqm.com
pxl.iqm.com — Cisco Umbrella Rank: 4509
527 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2518
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4078
467 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5941
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6515
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3663
347 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5694
368 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2447
397 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2773
308 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 998
310 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1965
654 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1693
557 B
1 adtelligent.com
sync.adtelligent.com — Cisco Umbrella Rank: 3092
473 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1809
619 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
17 KB
1 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 2869
3 KB
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1210
598 B
1 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2812
662 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 2947
457 B
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 4358
285 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1263
641 B
1 googleusercontent.com
lh6.googleusercontent.com — Cisco Umbrella Rank: 434
456 KB
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 3859
1 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 2712
271 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1998
173 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 729
633 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3323
609 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1732
2 KB
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1603
350 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 936
403 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1190
17 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1934
610 B
1 amazonaws.com
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5034
682 B
1 prmutv.co
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co — Cisco Umbrella Rank: 25701
394 B
1 admantx.com
async01.admantx.com — Cisco Umbrella Rank: 36223
1 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2658
258 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5443
350 B
1 azurewebsites.net
lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 25550
1 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1136
635 B
1 rhombusads.com
cdn.rhombusads.com — Cisco Umbrella Rank: 29920
71 KB
1 rmtag.com
intljs.rmtag.com — Cisco Umbrella Rank: 12464
6 KB
1 bam-x.com
static.bam-x.com — Cisco Umbrella Rank: 74647
42 KB
1 sellwild.com
widget.sellwild.com — Cisco Umbrella Rank: 42762
30 KB
0 semasio.net Failed
uipglob.semasio.net Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 colossusssp.com Failed
sync.colossusssp.com Failed
1117 190
Domain Requested by
69 www.shefinds.com www.shefinds.com
51 eb2.3lift.com 11 redirects s.amazon-adsystem.com
ads.blogherads.com
tagan.adlightning.com
eb2.3lift.com
sync.quantumdex.io
43 cm.g.doubleclick.net 34 redirects u.openx.net
rtb.gumgum.com
sync-amz.ads.yieldmo.com
eus.rubiconproject.com
eb2.3lift.com
42 x.bidswitch.net 42 redirects
42 id5-sync.com 36 redirects www.shefinds.com
37 usersync.gumgum.com 2 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
35 s.amazon-adsystem.com 1 redirects tagan.adlightning.com
ssum-sec.casalemedia.com
s.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
sync-amz.ads.yieldmo.com
cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
cdn.undertone.com
sync.bfmio.com
bh.contextweb.com
ce.lijit.com
eus.rubiconproject.com
ads.pubmatic.com
eb2.3lift.com
33 ads.blogherads.com www.shefinds.com
ads.blogherads.com
tagan.adlightning.com
32 image8.pubmatic.com 27 redirects s.amazon-adsystem.com
ads.pubmatic.com
32 ib.adnxs.com 17 redirects cdn.permutive.com
www.shefinds.com
ads.blogherads.com
acdn.adnxs.com
eb2.3lift.com
31 ssc-cms.33across.com 31 redirects
31 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
31 match.adsrvr.org 30 redirects js-sec.indexww.com
30 eus.rubiconproject.com s.amazon-adsystem.com
rtb.gumgum.com
cs-server-s2s.yellowblue.io
eus.rubiconproject.com
cs-tam.minutemedia-prebid.com
cdn.undertone.com
ads.blogherads.com
cs.seedtag.com
ssp.api.tappx.com
visitor.omnitagjs.com
de.tynt.com
hde.tynt.com
tagan.adlightning.com
29 sync.1rx.io 28 redirects ssp.api.tappx.com
28 simage2.pubmatic.com 15 redirects s.amazon-adsystem.com
ads.pubmatic.com
sync.quantumdex.io
25 us-u.openx.net 8 redirects u.openx.net
s.amazon-adsystem.com
sync.richaudience.com
us-u.openx.net
de.tynt.com
24 sync.quantumdex.io sync.adkernel.com
sync.quantumdex.io
cs-server-s2s.yellowblue.io
ssum-sec.casalemedia.com
ads.pubmatic.com
23 cs.minutemedia-prebid.com cs-tam.minutemedia-prebid.com
s.amazon-adsystem.com
eus.rubiconproject.com
22 ssum-sec.casalemedia.com 5 redirects ads.blogherads.com
ssum-sec.casalemedia.com
s.amazon-adsystem.com
cdn.undertone.com
js-sec.indexww.com
sync.quantumdex.io
sync.richaudience.com
21 s.seedtag.com www.shefinds.com
cs.seedtag.com
hde.tynt.com
eus.rubiconproject.com
ads.pubmatic.com
21 prebid-server.rubiconproject.com www.shefinds.com
ssum-sec.casalemedia.com
u.openx.net
ads.blogherads.com
eb2.3lift.com
ssp.api.tappx.com
rtb.gumgum.com
de.tynt.com
onetag-sys.com
20 events-ssc.33across.com de.tynt.com
hde.tynt.com
eus.rubiconproject.com
us-u.openx.net
ads.pubmatic.com
20 ssp.api.tappx.com ads.blogherads.com
ssp.api.tappx.com
de.tynt.com
eus.rubiconproject.com
tagan.adlightning.com
ads.pubmatic.com
sync.adkernel.com
18 ups.analytics.yahoo.com 17 redirects u.openx.net
17 image2.pubmatic.com 13 redirects ads.pubmatic.com
16 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
16 b1sync.zemanta.com 16 redirects
16 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
s.spotim.market
sync.quantumdex.io
16 pixel.tapad.com 11 redirects sync-amz.ads.yieldmo.com
s.amazon-adsystem.com
u.openx.net
pandg.tapad.com
ssp.api.tappx.com
15 match.prod.bidr.io 15 redirects
15 prebid.a-mo.net 7 redirects www.shefinds.com
ads.blogherads.com
14 sync.richaudience.com 6 redirects cs.seedtag.com
ssp.api.tappx.com
sync.richaudience.com
us-u.openx.net
ssum-sec.casalemedia.com
14 collector.sheknows.com www.shefinds.com
14 pr-bh.ybp.yahoo.com 5 redirects u.openx.net
ssum-sec.casalemedia.com
s.amazon-adsystem.com
14 onetag-sys.com s.amazon-adsystem.com
cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
cs.seedtag.com
visitor.omnitagjs.com
sync.adkernel.com
s.spotim.market
sync.quantumdex.io
sync.richaudience.com
tagan.adlightning.com
13 tpc.googlesyndication.com 2 redirects 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
13 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
cs.seedtag.com
ssp.api.tappx.com
de.tynt.com
hde.tynt.com
s.spotim.market
sync.quantumdex.io
13 ad.turn.com 13 redirects
12 pixel-sync.sitescout.com 12 redirects
12 visitor.omnitagjs.com 1 redirects cs.seedtag.com
visitor.omnitagjs.com
ssbsync.smartadserver.com
s.spotim.market
eus.rubiconproject.com
12 secure-assets.rubiconproject.com 12 redirects
12 sync.ipredictive.com 12 redirects
12 sync.srv.stackadapt.com 8 redirects eb2.3lift.com
12 securepubads.g.doubleclick.net 2 redirects ads.blogherads.com
tagan.adlightning.com
securepubads.g.doubleclick.net
www.shefinds.com
11 pixel.rubiconproject.com 8 redirects eus.rubiconproject.com
11 bh.contextweb.com 8 redirects s.amazon-adsystem.com
bh.contextweb.com
11 sync.targeting.unrulymedia.com 9 redirects cs-server-s2s.yellowblue.io
11 secure.adnxs.com 11 redirects
11 ids.ad.gt www.shefinds.com
ssum-sec.casalemedia.com
10 ap.lijit.com 7 redirects www.shefinds.com
ads.blogherads.com
visitor.omnitagjs.com
10 tagan.adlightning.com ads.blogherads.com
tagan.adlightning.com
892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
9 dt.adsafeprotected.com www.shefinds.com
9 image6.pubmatic.com 4 redirects ads.pubmatic.com
9 dpm.demdex.net 3 redirects cdn.undertone.com
www.shefinds.com
ssum-sec.casalemedia.com
9 stags.bluekai.com 8 redirects us-u.openx.net
9 ce.lijit.com 5 redirects s.amazon-adsystem.com
ce.lijit.com
9 rtb.gumgum.com 6 redirects s.amazon-adsystem.com
pre.ads.justpremium.com
tagan.adlightning.com
9 dsum.casalemedia.com ssum-sec.casalemedia.com
8 sync-tm.everesttech.net 7 redirects ads.pubmatic.com
8 sync.outbrain.com 6 redirects rtb.gumgum.com
8 c1.adform.net 8 redirects
7 tr.clipcentric.com www.shefinds.com
7 visitor-usa02.omnitagjs.com visitor.omnitagjs.com
7 idsync.rlcdn.com 4 redirects u.openx.net
cdn.undertone.com
ssp.api.tappx.com
7 match.sharethrough.com 7 redirects
7 sync.bfmio.com s.amazon-adsystem.com
sync.bfmio.com
7 um.simpli.fi 7 redirects
7 ads.stickyadstv.com 1 redirects ssum-sec.casalemedia.com
7 api.permutive.com www.shefinds.com
7 www.facebook.com www.shefinds.com
6 cm.adgrx.com 6 redirects
6 pubmatic-match.dotomi.com 6 redirects
6 ads.betweendigital.com 6 redirects
6 cs.yellowblue.io sync-amz.ads.yieldmo.com
cs-server-s2s.yellowblue.io
ce.lijit.com
eus.rubiconproject.com
6 image4.pubmatic.com 2 redirects sync-amz.ads.yieldmo.com
cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
cdn.undertone.com
6 ssbsync.smartadserver.com 5 redirects visitor.omnitagjs.com
6 ad.360yield.com 6 redirects
6 match.deepintent.com 5 redirects rtb.gumgum.com
6 cs.admanmedia.com s.amazon-adsystem.com
rtb.gumgum.com
cs-tam.minutemedia-prebid.com
ssbsync.smartadserver.com
de.tynt.com
6 sync.smartadserver.com 5 redirects www.shefinds.com
6 www.google-analytics.com www.googletagmanager.com
ads.blogherads.com
www.google-analytics.com
6 srv-2023-09-04-02.pixel.parsely.com www.shefinds.com
6 people.api.boomtrain.com cdn.boomtrain.com
6 cdn.parsely.com www.shefinds.com
d1z2jf7jlzjs58.cloudfront.net
6 bc.marfeelcache.com www.shefinds.com
bc.marfeelcache.com
5 clipcentric-a.akamaihd.net tagan.adlightning.com
www.shefinds.com
clipcentric-a.akamaihd.net
5 i.liadm.com 3 redirects us-u.openx.net
sync.quantumdex.io
5 sync.spotim.market 2 redirects s.spotim.market
ads.pubmatic.com
5 sync.adkernel.com ssp.api.tappx.com
sync.adkernel.com
sync.quantumdex.io
5 d.adroll.com ssum-sec.casalemedia.com
5 simage4.pubmatic.com ads.pubmatic.com
5 static.adsafeprotected.com tagan.adlightning.com
www.shefinds.com
5 p.rfihub.com 5 redirects
5 pixel-us-east.rubiconproject.com 5 redirects
5 px.ads.linkedin.com 1 redirects cdn.undertone.com
eus.rubiconproject.com
eb2.3lift.com
5 creativecdn.com 5 redirects
5 dis.criteo.com 5 redirects
5 u.openx.net 3 redirects s.amazon-adsystem.com
ads.blogherads.com
5 s.ad.smaato.net 5 redirects
5 sync.go.sonobi.com 4 redirects www.shefinds.com
5 token.rubiconproject.com 5 redirects
5 cms.quantserve.com 5 redirects
5 c2shb.ssp.yahoo.com www.shefinds.com
5 g2.gumgum.com www.shefinds.com
5 pixel.adsafeprotected.com 1 redirects cdn.adsafeprotected.com
tagan.adlightning.com
www.shefinds.com
5 js-sec.indexww.com ads.blogherads.com
tagan.adlightning.com
5 connect.facebook.net www.shefinds.com
connect.facebook.net
5 www.lightboxcdn.com www.shefinds.com
www.lightboxcdn.com
4 a.audrte.com 3 redirects cs.seedtag.com
4 33across-match.dotomi.com 4 redirects
4 rtb.adentifi.com 2 redirects ssum-sec.casalemedia.com
s.amazon-adsystem.com
4 pm.w55c.net 4 redirects
4 de.tynt.com 1 redirects ssp.api.tappx.com
ads.blogherads.com
tagan.adlightning.com
4 pagead2.googlesyndication.com tagan.adlightning.com
imasdk.googleapis.com
4 www.googleadservices.com www.shefinds.com
4 encrypted-tbn0.gstatic.com 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
4 tags.bluekai.com 1 redirects cdn.undertone.com
cs.seedtag.com
4 sync.crwdcntrl.net 3 redirects sync.quantumdex.io
4 inv-nets.admixer.net 4 redirects
4 rtb.openx.net 3 redirects us-u.openx.net
4 ads.yieldmo.com 2 redirects s.amazon-adsystem.com
sync-amz.ads.yieldmo.com
4 fastlane.rubiconproject.com www.shefinds.com
ads.blogherads.com
4 events.release.narrativ.com static.bam-x.com
www.shefinds.com
4 cdn.keywee.co 1 redirects www.shefinds.com
cdn.keywee.co
3 pixel.onaudience.com 3 redirects
3 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
3 cdn.indexww.com ssum-sec.casalemedia.com
3 t.adx.opera.com 3 redirects
3 pool.admedo.com 3 redirects
3 csync.smartadserver.com cs.seedtag.com
csync.smartadserver.com
3 dis.eu.criteo.com 3 redirects
3 acdn.adnxs.com ads.blogherads.com
tagan.adlightning.com
3 id.rlcdn.com 1 redirects visitor.omnitagjs.com
us-u.openx.net
3 www.googletagservices.com tagan.adlightning.com
892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
3 ads.avct.cloud 3 redirects
3 sync.mathtag.com 3 redirects
3 rtb.mfadsrvr.com 3 redirects
3 cm.adform.net 3 redirects
3 ssp.disqus.com 3 redirects
3 sync.technoratimedia.com 3 redirects
3 contextual.media.net cs-server-s2s.yellowblue.io
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
3 static.criteo.net tagan.adlightning.com
ads.blogherads.com
www.shefinds.com
3 htlb.casalemedia.com www.shefinds.com
ads.blogherads.com
3 fls-na.amazon-adsystem.com www.shefinds.com
3 c.amazon-adsystem.com ads.blogherads.com
www.shefinds.com
3 sb.scorecardresearch.com 1 redirects ads.blogherads.com
www.shefinds.com
3 aax-us-east.amazon-adsystem.com z-na.amazon-adsystem.com
3 onsite.boomtrain.net cdn.boomtrain.com
3 d1z2jf7jlzjs58.cloudfront.net www.shefinds.com
3 z-na.amazon-adsystem.com www.shefinds.com
3 maxcdn.bootstrapcdn.com www.shefinds.com
3 cdn.boomtrain.com www.shefinds.com
3 ajax.googleapis.com www.shefinds.com
3 cloud.typenetwork.com www.shefinds.com
3 cdnjs.cloudflare.com www.shefinds.com
2 ad.doubleclick.net 1 redirects www.shefinds.com
2 io.narrative.io 1 redirects sync.quantumdex.io
2 px.owneriq.net 2 redirects
2 triplelift-match.dotomi.com 2 redirects
2 ums.acuityplatform.com 2 redirects
2 bpi.rtactivate.com us-u.openx.net
sync.quantumdex.io
2 aa.agkn.com us-u.openx.net
cs.seedtag.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 rtb2-useast.marketiq.com 2 redirects
2 pixel-eu.rubiconproject.com 2 redirects
2 pmp.mxptint.net 1 redirects s.amazon-adsystem.com
2 a.usbrowserspeed.com 2 redirects
2 a.clickcertain.com 2 redirects
2 thrtle.com 1 redirects s.amazon-adsystem.com
2 bttrack.com 2 redirects
2 s.company-target.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 imasdk.googleapis.com ads.blogherads.com
imasdk.googleapis.com
2 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
2 c.bing.com eb2.3lift.com
2 r.bidswitch.net 2 redirects
2 ice.360yield.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 googleads.g.doubleclick.net 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
2 encrypted-tbn3.gstatic.com 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
2 pulsepoint-match.dotomi.com 2 redirects
2 www.storygize.net 2 redirects
2 beacon.krxd.net cdn.undertone.com
2 cw.addthis.com cdn.undertone.com
2 pixel.advertising.com 2 redirects
2 tg.socdm.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 gum.criteo.com 1 redirects tagan.adlightning.com
2 cdn.undertone.com s.amazon-adsystem.com
ads.blogherads.com
2 amazon-tam-match.dotomi.com 2 redirects
2 d.turn.com 2 redirects
2 a.ad.gt tagan.adlightning.com
www.shefinds.com
2 bcp.crwdcntrl.net www.shefinds.com
ssp.api.tappx.com
2 id.hadron.ad.gt www.shefinds.com
2 cdn.id5-sync.com tagan.adlightning.com
2 cdn.hadronid.net www.shefinds.com
2 tags.crwdcntrl.net tagan.adlightning.com
2 direct.adsrvr.org www.shefinds.com
2 krk.kargo.com www.shefinds.com
2 pre.ads.justpremium.com www.shefinds.com
ads.blogherads.com
2 www.google.com 1 redirects www.shefinds.com
2 aax.amazon-adsystem.com www.shefinds.com
2 stats.g.doubleclick.net www.shefinds.com
www.googletagmanager.com
2 socialcanvas-api.kargo.com www.shefinds.com
2 api.rlcdn.com js-sec.indexww.com
www.shefinds.com
2 cdn.permutive.com ads.blogherads.com
www.shefinds.com
2 ads.shemedia.com ads.blogherads.com
tagan.adlightning.com
2 www.googletagmanager.com www.shefinds.com
ads.blogherads.com
2 shefinds.com 2 redirects
1 secure.insightexpressai.com tagan.adlightning.com
1 cs.mobfox.com 1 redirects
1 pxl.iqm.com 1 redirects
1 dmp.adform.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 us.creativecdn.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com ssp.api.tappx.com
1 gocm.c.appier.net 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 eu-u.openx.net us-u.openx.net
1 i.w55c.net 1 redirects
1 cms-xch-chicago.33across.com de.tynt.com
1 i6.liadm.com ssum-sec.casalemedia.com
1 s.tribalfusion.com 1 redirects
1 sync.taboola.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 idpix.media6degrees.com 1 redirects
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 sync.adtelligent.com sync.quantumdex.io
1 ow.pubmatic.com www.shefinds.com
1 ssbsync-global.smartadserver.com 1 redirects
1 id.a-mx.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 ced-ns.sascdn.com csync.smartadserver.com
1 crb.kargo.com s.amazon-adsystem.com
1 s.spotim.market visitor.omnitagjs.com
1 jadserve.postrelease.com 1 redirects
1 csync.smilewanted.com 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 s.c.appier.net 1 redirects
1 event.clientgear.com 1 redirects
1 hde.tynt.com cs.seedtag.com
1 match.justpremium.com pre.ads.justpremium.com
1 odr.mookie1.com 1 redirects
1 cs.seedtag.com ads.blogherads.com
1 encrypted-tbn2.gstatic.com 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
1 encrypted-tbn1.gstatic.com 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
1 lh6.googleusercontent.com 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
1 pandg.tapad.com pghub.io
1 feed.pghub.io 1 redirects
1 www.gstatic.com 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
1 fonts.googleapis.com 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
1 hbx.media.net 1 redirects
1 pghub.io ads.blogherads.com
1 d3r7h55ola878c.cloudfront.net www.lightboxcdn.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 um4.eqads.com 1 redirects
1 aud.pubmatic.com www.shefinds.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 tr.blismedia.com ce.lijit.com
1 pippio.com 1 redirects
1 mug.criteo.com www.shefinds.com
1 ssum.casalemedia.com 1 redirects
1 server.cpmstar.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 cs-tam.minutemedia-prebid.com s.amazon-adsystem.com
1 cs.media.net 1 redirects
1 pixels.ad.gt tagan.adlightning.com
1 p.ad.gt a.ad.gt
1 cdn.prod.uidapi.com tagan.adlightning.com
1 dmp.brand-display.com 1 redirects
1 lb.eu-1-id5-sync.com www.shefinds.com
1 secure.cdn.fastclick.net tagan.adlightning.com
1 bidder.criteo.com www.shefinds.com
1 tlx.3lift.com www.shefinds.com
1 hb.undertone.com www.shefinds.com
1 analytics.google.com www.googletagmanager.com
1 geo.privacymanager.io ats.rlcdn.com
1 pixel.keywee.co www.shefinds.com
1 pixel.quantserve.com www.shefinds.com
1 sqs.us-east-1.amazonaws.com www.shefinds.com
1 socialcanvas-cdn.kargo.com cdn.rhombusads.com
1 3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co cdn.permutive.com
1 dyv1bugovvq1g.cloudfront.net ads.blogherads.com
1 async01.admantx.com ads.blogherads.com
1 ats.rlcdn.com ads.blogherads.com
1 vc.hotjar.io script.hotjar.com
1 idx.liadm.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 lightboxapi.azurewebsites.net www.lightboxcdn.com
1 rules.quantcount.com secure.quantserve.com
1 cdn.rhombusads.com ads.blogherads.com
1 cdn.adsafeprotected.com ads.blogherads.com
1 script.hotjar.com static.hotjar.com
1 d15kdpgjg3unno.cloudfront.net ads.blogherads.com
1 fastly-cloud.typenetwork.com cloud.typenetwork.com
1 secure.quantserve.com www.shefinds.com
1 intljs.rmtag.com www.shefinds.com
1 static.hotjar.com www.shefinds.com
1 static.bam-x.com www.shefinds.com
1 widget.sellwild.com www.shefinds.com
0 uipglob.semasio.net Failed cs.seedtag.com
0 csi.gstatic.com Failed imasdk.googleapis.com
0 sync.adotmob.com Failed visitor.omnitagjs.com
0 sync.search.spotxchange.com Failed cs.seedtag.com
0 csync.loopme.me Failed cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
ssp.api.tappx.com
visitor.omnitagjs.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
ads.pubmatic.com
de.tynt.com
0 sync.colossusssp.com Failed www.shefinds.com
0 as-sec.casalemedia.com Failed www.shefinds.com
js-sec.indexww.com
0 d3ezl4ajpp2zy8.cloudfront.net Failed www.shefinds.com
1117 319
Subject Issuer Validity Valid
shefinds.com
Go Daddy Secure Certificate Authority - G2		 2022-09-26 -
2023-10-25		 a year crt.sh
marfeelcache.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-07-27 -
2024-08-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
cloud.typenetwork.com
R3		 2023-08-19 -
2023-11-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.boomtrain.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-03-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.blogherads.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-27 -
2024-01-28		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
z-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-18 -
2024-02-17		 a year crt.sh
*.sellwild.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-22		 a year crt.sh
*.api.boomtrain.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-11-14		 9 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-13 -
2023-09-11		 3 months crt.sh
static.planethowl.com
Amazon RSA 2048 M01		 2023-08-07 -
2024-09-04		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
intljs.rmtag.com
GTS CA 1D4		 2023-08-05 -
2023-11-03		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
fastly-cloud.typenetwork.com
R3		 2023-08-19 -
2023-11-17		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
app.zetaglobal.net
Amazon RSA 2048 M02		 2023-04-15 -
2024-05-13		 a year crt.sh
*.pixel.parsely.com
R3		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.shemedia.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-27 -
2024-01-28		 a year crt.sh
aax-us-east.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-05-07		 a year crt.sh
*.release.narrativ.com
Amazon RSA 2048 M02		 2023-07-17 -
2024-08-13		 a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
*.rhombusads.com
Amazon RSA 2048 M03		 2023-08-12 -
2024-09-08		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 06		 2023-05-21 -
2024-05-15		 a year crt.sh
*.anyword.com
Amazon RSA 2048 M01		 2023-06-05 -
2024-07-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
securedvisit.com
Amazon RSA 2048 M03		 2023-08-16 -
2024-09-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
fls-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.admantx.com
SSL.com RSA SSL subCA		 2023-04-18 -
2024-05-18		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
*.prmutv.co
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.kargo.com
Amazon RSA 2048 M01		 2023-04-30 -
2024-05-28		 a year crt.sh
queue.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
api.permutive.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
pixel.keywee.co
Amazon ECDSA 256 M01		 2023-02-01 -
2024-03-01		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
tracking.justpremium.com
Amazon RSA 2048 M01		 2023-01-26 -
2024-02-24		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-06-07 -
2024-07-06		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-23 -
2023-11-15		 6 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.sheknows.com
Amazon RSA 2048 M01		 2023-05-20 -
2024-06-17		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
ssp.api.tappx.com
R3		 2023-08-20 -
2023-11-18		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.smartadserver.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-02 -
2024-08-04		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
s.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-08-28 -
2023-11-26		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
aka.clipcentric.com
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.insightexpressai.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-16 -
2024-03-15		 a year crt.sh
clipcentric.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-05		 10 months crt.sh

This page contains 188 frames:

Primary Page: https://www.shefinds.com/
Frame ID: 1483DA8E193A6DF07FA7A8ED877F6CFD
Requests: 265 HTTP requests in this frame

Frame: https://www.shefinds.com/iframe-modal/
Frame ID: B3CF35488330D2A780CE19331D57A215
Requests: 32 HTTP requests in this frame

Frame: https://www.shefinds.com/iframe-modal-homepage/
Frame ID: 9C3D4FCB700BF9848ACD15CD3446860B
Requests: 35 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox.js?mb=1693793838896&lv=1
Frame ID: FDDE16215CED58FA3459B549DC5C1A0E
Requests: 2 HTTP requests in this frame

Frame: https://ads.shemedia.com/static/optoutstatus.html
Frame ID: 4997E666848E7DC09E81558BACC8667E
Requests: 1 HTTP requests in this frame

Frame: https://events.release.narrativ.com/api/v0/session.html
Frame ID: FA46F6F01C653C0DE1131B1E3CAD4132
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Frame ID: AFDADA4F92857ACFA2A3826A1F8826F6
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift
Frame ID: E687323B6D440BB2F7E2CC65754B122E
Requests: 1 HTTP requests in this frame

Frame: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD4FC85455AF3495A8561623034638BA
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: C8FCCCFC6C52208E3127E30A95AA545A
Requests: 6 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: A00ED3FD31A475F5A00DD818C12338E5
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: E6EF418FFC60C0A6F9A611B034181831
Requests: 10 HTTP requests in this frame

Frame: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Frame ID: 8E9F0E25A0BA8B8EE01E1CB2E116A008
Requests: 26 HTTP requests in this frame

Frame: https://sync.bfmio.com/syncb?pid=137
Frame ID: BEC19456072F5E7F16233B43E2880F66
Requests: 7 HTTP requests in this frame

Frame: https://cs.admanmedia.com/e1edfb9aa2a9066a203a7fce17c3a388.gif?puid=[UID]&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dacuity.com%26id%3D%5BUID%5D
Frame ID: 99F2E012A3705F7E151ACC4F84BFAFA2
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: DDE4C10CD4DDDC6086BAE554300BF893
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1869577055167662355&gdpr=0&gdpr_consent=
Frame ID: D796DC4148CF1604EE791D29D433B7A8
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACeGicS2fGjQN2YiKtAAAAAAA&expiration=1693880241&is_secure=true
Frame ID: 73E16EAEFE4154526ECF00023ABAB959
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Frame ID: F05C3F1400192217A43D37E3D2FB2377
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 8F0FA669A8DA5E234245E729D77DF4FE
Requests: 12 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 87F4585ED7CD42E731914CC2E8A894EB
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: D89D17A2FCAD0318595A6D4C9BF97992
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: FE864AF1A910B7C1F7BEC349AA2B68B0
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1oWUVranJCRTJ1SmZraVJYUm9Cb05mb3dOVFB3U1hwSH5B
Frame ID: AA264D31C24B74C3007F4A01A021DB6B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=4011881537103642354&ex=appnexus.com
Frame ID: 4BB69ED1428616DD1F17C43ED6AAE527
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: AB25F2CB574FDDA436141246686AC045
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: 259D6615BFAAB24396DB2C6C1F92F48D
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3934349205523529802736
Frame ID: F01CDF34DE3A5256C847AEA8845FD832
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.shefinds.com&us_privacy=1---
Frame ID: 41FB4987EBBC8C9FE49CCEF56BBF3D4F
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=&gdpr_consent=&_test=ZPU_MQAAAyPauwA4
Frame ID: 9FD656C29B02F74435ADFC1A66B45AD3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81YWNjM2FhYS0xNzA5LTQ4YmMtOTk2ZC03OTkzMzkyYzJkNDk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 374E95635DC3811108F5F7B15FC3818C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: A4F4C8E72205B5F6DB210EF22B8825CC
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=7928e066-76a9-463e-af89-7ce88bea635d
Frame ID: 54ABA01F582045CCA594C09148CFA370
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZPU.McCo5uYAAFGFxvUAAAAA
Frame ID: 9C9068F0DDC4435CF38565DA0CE205B3
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 88F34EED27E710AB1C476BAB32060E4A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=qa45XtQKCxwmfyBqSHIl&pi=gumgum&tc=1
Frame ID: 4D6AD16FAFC8B87529FF0E749FE2F35A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: ED94EA928D3D03635D94E83C8F827FD2
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: CF90CB2C53C09785D4B22481E2BD1377
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: F48C3EABBC002D4D169470C7D90FD608
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 12F28CB52053EFC5282BBF13326D0655
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: 75587A98427026BE45026DA8DF2A9719
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 94774D175755E2C1C9256EA5EB893F62
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 91E994DC069F17CB54982E899FFD0243
Requests: 3 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=954cc683-4c37-4611-8406-3ce451d1e04b&expiration=1701656241
Frame ID: 5142FB9C9C537DE0243863A9E2F058B3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276&redir=true&gdpr=0&gdpr_consent=
Frame ID: 5FD46BD334B5A4B9976FFA5FECDCAA4B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: 4B763E29184B31D15636BAD428872E12
Requests: 1 HTTP requests in this frame

Frame: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DAF41B52C1A98C4930497B9B0DA757BE
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 4FCA881F648EDA70DBC206A861A47502
Requests: 23 HTTP requests in this frame

Frame: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 30F80F1CD1E91829EB466B75F7E5A39B
Requests: 23 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: B2047528D358C4312F6C0D11D0F033F6
Requests: 4 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930203&campId=728x90&pubId=15403870&chanId=223928350&placementId=5064405287&pubCreative=138308429211&pubOrder=2543335655&cb=1562974638&adsafe_par&impId=2cf79976-4ac9-11ee-bef5-0ac9557753d3&custom2=frame2&custom3=s1
Frame ID: BEB19C54091EECC27FFAC197B2EB4F9F
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 32195F56E686B1686E32BCBB193EA359
Requests: 8 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22fashion%22%7D
Frame ID: 4136BEFE545B6ECC26CD3D460640B36A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A8E0B2B88978A6D10B2CCFEBD84F1AF1
Requests: 2 HTTP requests in this frame

Frame: https://ads.shemedia.com/static/optoutstatus.html
Frame ID: 6111877B2FE6D267D251F27DFB82EA7C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 349DD0F2104EF08599AF683872412769
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Frame ID: 7C0E2A0908CC7C3F6ECC9812F09911F1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 90AC3A4169A5B947C72D960F7671ADB1
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2460C87E32FCCFD77E8272FD051374BC
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 607E34F4B147EC582E6CC30526F4CDAF
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=abr5b581693793840611&usPrivacy=1---
Frame ID: 79750FCE4EB0287FBC78AA34C3E51C3F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: 0064A9D03CF139EFE86B086913A3583E
Requests: 13 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=_e%3DCrcBShB3d3cuc2hlZmluZHMuY29tUgthYXMtNWI4NDI0NVoIcGJhMS4zLjJqEHd3dy5zaGVmaW5kcy5jb236AQY3LjQwLjDoAgGIA7D81KcGqANA6gMkZjNlY2U4NDYtMDdhZC00ZTA1LThkMjctZDAyOTUzMWJkNGY1qgQDRENIsgUDVVNE0gUEMTEyNtgFAeAFAeoFB2Rlc2t0b3D6BQRkYzEzqgcDd2ViygcMc2hlZmluZHMuY29t
Frame ID: 32756E1E2D43D5B884D7A7B913E997AE
Requests: 12 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Frame ID: D2E3F339EF606D5330F84DC1111341C2
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 003843250C8AB3F63AE8A97064794FD8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: A00CA2C827194237CAD481ECEE750F13
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4F99F4BBAFCB5898433B951DC8B14803
Requests: 1 HTTP requests in this frame

Frame: https://ads.blogherads.com/static/outstream-creative.js
Frame ID: ABCDE05CB6A1BE44041C63B214579F39
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Frame ID: E2397FDCD6B52EF42B5288DB43A50301
Requests: 12 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Frame ID: 8CBE92D7156720375B03E7E94E6D0B46
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 10F26A7A759D6AA8877E8A2CB6D36AA2
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Frame ID: A6E04303A7BEA5E5A640F8BC25D963F3
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 745F410995C72DD8AEDC1D2B7717D990
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: EE8FB3F10EA11F84B962D416886D26D4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Frame ID: 2972B02B72495BEE544F342D8C132F18
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 54FE037CB3A9779058B75CA2ED757D7B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: 3EEF2311ADBE61AB17596464E71D2163
Requests: 3 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: 3D270A78F3AC4B6B14E2815C4AE83A2E
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: A14FEDDEAF3D258F1D937F016B548047
Requests: 7 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1&rd=1
Frame ID: D4F09CFF6A9A0AB5794D5FB1DB3EF9F5
Requests: 4 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Frame ID: 41188CB4BC34E4D03B090A745819269B
Requests: 6 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Frame ID: DD1584D709BB08BCC1594FBDC9289351
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: 1568F7B81A220D0275B2C3E4293C97D2
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
Frame ID: 462CE29CDF680A5439FD1CC589A89CFB
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=zgn5cAUresle&ev=1&us_privacy=1---&pid=562983
Frame ID: 7660CA2977565161FFB8D9E3F550356F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=0&gdpr_consent=
Frame ID: D1AF41719B6AAE323C94A3DBF026A5E0
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81YWNjM2FhYS0xNzA5LTQ4YmMtOTk2ZC03OTkzMzkyYzJkNDk=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 97231C18421370C251EF555AAA56C297
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 6F75AA90C514C5738B5AD90EF084E80E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=7928e066-76a9-463e-af89-7ce88bea635d
Frame ID: FC8D41B405709DA1560D1D6FB316E7B2
Requests: 1 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=50&type=iframe&id=3547929380008100760&auxuid=
Frame ID: 246A257AA0A45FAF02FA403801DFC166
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Frame ID: 76AE7A3ECB8ED31483DA6D4B85FE9A8B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Frame ID: 81E73E6D90A6EFF2A0F65479B88EBDB3
Requests: 3 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HQzJeBZHuGCrpGR8Q52pzqdh&auxuid=
Frame ID: 5B93C5F519F69577064177AE94165906
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Frame ID: 0F3F53703D814B0D631B081FFC1BCC5C
Requests: 6 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A8961146309600924623&auxuid=
Frame ID: 0E69C8E1AC5ED26F3DAB83EA2EA6EE2D
Requests: 3 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: 797793247391B9BE8BF2E1ED1C92759C
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: A49848A4F7DDAA7861D6B2441A573FAF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: C3C2CF0681BFAC8AD083CFD38BD120FB
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 9EBACAA3489CF52D5A375642DEAA8D2D
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: E827162A3588CA4784EAA40E51A51AEA
Requests: 2 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 2F08F0FC66FA5C64D81075DFC6E367E4
Requests: 6 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: 9F2EE3FBD07DA07C20E961571266C14D
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: E5CA21C60854C6F006E3B107CAD69D6B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=30046c42-4ac9-11ee-ba0a-6250e198ad71
Frame ID: C6C4860377E39D85A4D96C5A8D08E24C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: FDCB693F2FBCBF57A57FA9ECE77CC056
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: E973F7FB7C7A21F7DB5E8E2E2F6835C8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 797C8D9702F401E578875BE637053A0B
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 86FA5303FA05EFAE1871B12A5C3F06F5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: F566B2299D1F82367444DB87CA2DBE2F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: F13AFB774F6FC524D7BDBACD2C3CCAB4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E178863939DF8376254A0519BD2B44E5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 48C160C3A765EDCB12DB4DC0CC94B30A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: BF3F25D2496A1D28738FCCAE9463B5A5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 05736CF7C1D7EB10C1B25FCD5FD4B74C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: F59667D903D6EC54418C64351A3F0234
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 2E9C4EC216427A66ED9BA4AFD8D937AC
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Frame ID: 44F3E61AABF33B9C66133EFD95CEFFA4
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/152media
Frame ID: 67557CB6C732F94BF2081D6943126AF4
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Frame ID: FCDBB105226F9F8510D645A13C321FEF
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=644680&extuid=3934349205523529802736
Frame ID: E481ABA43394900DBAA1380A839247BE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: DC2B915537528D66BC0D431935E356AD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZPU.McCo5uYAAFGFxvUAAAAA
Frame ID: 80A2539E6EF845F755855D8CB993AA43
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: B9BE3F12D6834D32156F9BE118EEA4B1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=qa45XtQKCxwmfyBqSHIl&pi=gumgum
Frame ID: A4E0290AA0E59639FE2FA375D5B093A8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=&gdpr_consent=
Frame ID: 89581FA5C6364A2E652F03402F7EDA38
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81YWNjM2FhYS0xNzA5LTQ4YmMtOTk2ZC03OTkzMzkyYzJkNDk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 50B4A7B51240F43A7326F0DD29506492
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 3AFD6301253111CD557985F7BE10F947
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 743093815645E4CC22639FB2AE16E8B4
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: FCD283AB9A132AB61F292220EF2CD1FC
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 73BC72B3C82A9CC1D228C3D7B5E6B804
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 1BB3C5AC0BB8ABACE4E235C76DA557CF
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: D22DF42B90F3DADCEA56F614587A3CB3
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: DD54C2C8AE703BFE51FF85CFDA533260
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Frame ID: 69D35209808CCB7CA223B38BDC7A40D0
Requests: 10 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Frame ID: 5E58486D0A9168E7BF5B7972E202D441
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Frame ID: 061347F65B86A69744D11651292BF089
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Frame ID: D5C2D929D1EDBDBB87DE1113BAC8C33D
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 7E8A44C9BED71D167A89402E793B43EC
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Frame ID: A32237C62B544C8595033B399756F708
Requests: 7 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Frame ID: 3236C78C828D91683452BACA92740B4B
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 405953F6C5A647E17FA8C35568C4097F
Requests: 2 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Frame ID: D5B93F614E75C8B558C1B4AD17766BCB
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Frame ID: 1068F8FD4B0E66914D720E6627D06CFD
Requests: 7 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A8961146309600924623&auxuid=
Frame ID: 0C10D803BDA8E353A462C0060B624438
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6wZ77XdxVwJpBPGiE6JmkSaEdkw&gdpr=0&gdpr_consent=
Frame ID: 16E4190395C1CA65383585F95C20D9E0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3SV3kkOj1QCZ9y5&gdpr=0&gdpr_consent=
Frame ID: C7C2247C91D4519009E6FE884DC2EF4E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Frame ID: 49EEB8F8A0888FE6FAE7D1B50E2986F0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907269421605264
Frame ID: 186F499677990AC6DCD5E97413D81590
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: 311D5126F0333B8814BFB721C1A7D6FC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7a960d576c444aa68d904f18f36ecd5a
Frame ID: 7CB16B7CAC5FAD5A4CAD5665149EB9BD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=822873238760
Frame ID: D9B4C2F654F510864AB5D602875F6543
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 898B8BB6D0E5102FC9B6EB02B888FA81
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 011D64DDE6030B78160CF064172B5716
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=s7nypE8-D5-hKIUNNT71ZA
Frame ID: 0DD3436F9FF691CB532E1A2A1CEDE333
Requests: 1 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=76&type=iframe&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276&auxuid=
Frame ID: 5CEACFAC91BD18739CED69A2B9DA6AE2
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7624469232B92C5F76064DC1C2AF4D32
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9A143150C3F933E17F8A82BD03CEBD70
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E1435194AE3C1C4BEE312692CEA97B0D
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Frame ID: D2170D761B95E0C0A14BCA6F26EB911D
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/152mediaweb
Frame ID: 4FB50A6FE5837DED81C2B35A124B858F
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8E81D1AE1AEC918A1CFAC022C9E531B8
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 98258CFFA5C2AA3583B829C820B66F6F
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 489CF8C23A950D4917FD7FA795B5C1B7
Requests: 9 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: 8474338BD0CACD62B247D1F617F00867
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: E0FA67AEDFDC124307B8DF4F176B0C4D
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 1B0F068716C46D94250F151885A2BD49
Requests: 4 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 4E626E31F5ACD19922360C614246C807
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: A4C046DBF36C8073E884C7E20B0A0CD1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Frame ID: E628531A1812B987970EA9F865418AC3
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: E1C1EAEDED343FDE4B2629381930E20D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=b70f714c-1bc3-4302-a8ca-81ae5d5dae7b
Frame ID: BAB023400A5D2F35C291415C0C702B41
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 3C9452FAA294F8DD145F1830539A0EB8
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 1395FC435A961DB45A8B8F1F59DC7B9B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C0079F51A67C45978E5DF77E05DE4DD6&gdpr=0&gdpr_consent=
Frame ID: FCD65A566964ED81BCEE61217AF482B8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7470802481858437332
Frame ID: F77035A205F28399ADBDC50365A988FB
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: 5DCBBBE7C7D19A61D82B31BC36479BE7
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: 7DC1E0E1F065565CFCE0785003C7C4B7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: EBBDC29AB65EC04C45A828B54BACF849
Requests: 1 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=76&type=iframe&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276&auxuid=
Frame ID: 279E6E92143AEB27FE54386959D770D5
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=448580&extuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: 7CBA7FBDEFF805EE24F17C79FA9667D4
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: 2082047E97F1595569E672947B97D840
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: D355ECBD242176B5B6D100C7E5CDFAAA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: EE8F2D0B77EC435CB1537B146C06550A
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Frame ID: 55D79AC38848A7BBBB2CBCAF415D9071
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Frame ID: 9F632A1C06DBAA3F7FFA47C4EFB0FA4F
Requests: 8 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 1EA2F747E21126D6C34AC458F6461949
Requests: 18 HTTP requests in this frame

Frame: https://clipcentric-a.akamaihd.net/user-10/resources/ad.html
Frame ID: DA34F465F5B1D44E673DF818CCC89B1E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 344DBDD14E622035098605B8E66F567E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Women’s Fashion, Beauty & Lifestyle – SHEfinds

Page URL History Show full URLs

  1. http://shefinds.com/ HTTP 301
    https://shefinds.com/ HTTP 301
    https://www.shefinds.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 10%
Detected patterns
  • basket.*\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

1117
Requests

65 %
HTTPS

25 %
IPv6

190
Domains

319
Subdomains

200
IPs

14
Countries

9769 kB
Transfer

21752 kB
Size

398
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shefinds.com/ HTTP 301
    https://shefinds.com/ HTTP 301
    https://www.shefinds.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://cdn.keywee.co/dist/analytics.min.js HTTP 301
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Request Chain 206
  • https://sb.scorecardresearch.com/b?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693793840153&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2F&c8=Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693793840153&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2F&c8=Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds&c9=
Request Chain 256
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKLiUwK6vRw2Fl8PBNwdgc0&google_cver=1
Request Chain 266
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?us_privacy=1---&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPU.MAL8NXL8cEAE-8TFkQAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?us_privacy=1---&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZPU.MAL8NXL8cEAE-8TFkQAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJqsDOAkWf1HZ96lu-Qs8CU&google_cver=1&google_hm=2
Request Chain 267
  • https://match.adsrvr.org/track/cmf/casale?us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d&expiration=1696385840&gdpr=0&gdpr_consent=
Request Chain 268
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e&us_privacy=1--- HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b56d40b5-7773-1242-2f6aa0d4
Request Chain 270
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=wh2QmcdMxZzZGsCVkhHbzcYRlJXZT5PNxU2SXYpG
Request Chain 271
  • https://c1.adform.net/serving/cookie/match?party=29&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3547929380008100760&expiration=1695003441
Request Chain 279
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001693793841-FI5KD5ET-NTNO%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&adnxs_id=4011881537103642354&gdpr=0
Request Chain 280
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001693793841-FI5KD5ET-NTNO&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=7928e066-76a9-463e-af89-7ce88bea635d&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
Request Chain 281
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001693793841-FI5KD5ET-NTNO HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001693793841-FI5KD5ET-NTNO HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=546B0175-D6AA-46B9-A0AD-C2A930BF5276&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
Request Chain 282
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001693793841-FI5KD5ET-NTNO&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&rub=LM494BTJ-1P-8OPA&gdpr=0
Request Chain 283
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001693793841-FI5KD5ET-NTNO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001693793841-FI5KD5ET-NTNO%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001693793841-FI5KD5ET-NTNO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001693793841-FI5KD5ET-NTNO%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001693793841-FI5KD5ET-NTNO%252526tapad_id%25253D8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7928e066-76a9-463e-af89-7ce88bea635d&ttd_puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001693793841-FI5KD5ET-NTNO%2526tapad_id%253D8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&tapad_id=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001693793841-FI5KD5ET-NTNO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001693793841-FI5KD5ET-NTNO&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&google_gid=CAESELLoPY9fw-eN3etguzwUmVc&google_cver=1&google_ula=450542624,0
Request Chain 286
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001693793841-FI5KD5ET-NTNO%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&sas_uid=[sas_uid]&gdpr=0&cklb=1
Request Chain 287
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001693793841-FI5KD5ET-NTNO HTTP 302
  • https://ids.ad.gt/api/v1/amo_match?turn_id=8528246354618352674&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
Request Chain 288
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&uid=6275276a-1c31-4f7d-a3ea-7cf382941856&gdpr=0
Request Chain 295
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1693793841383 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2435467036 HTTP 302
  • https://sync.1rx.io/usersync/turn/7671167391070426394?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
Request Chain 296
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3367954411524422000V10
Request Chain 297
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=818970230e
Request Chain 299
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=141417E546E040B6AD3962250CFD9CC1&ex=simpli.fi&status=ok
Request Chain 305
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 306
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1869577055167662355&gdpr=0&gdpr_consent=
Request Chain 307
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=5f5dbf9f869d04a9&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACeGicS2fGjQN2YiKtAAAAAAA&expiration=1693880241&is_secure=true
Request Chain 312
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 313
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1oWUVranJCRTJ1SmZraVJYUm9Cb05mb3dOVFB3U1hwSH5B
Request Chain 314
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4011881537103642354&ex=appnexus.com
Request Chain 315
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 317
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3934349205523529802736
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Request Chain 320
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPU.MAL8NXL8cEAE-8TFkQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJqsDOAkWf1HZ96lu-Qs8CU&google_cver=1&google_hm=2
Request Chain 322
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d&expiration=1696385841&gdpr=0&gdpr_consent=
Request Chain 323
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C0079F51A67C45978E5DF77E05DE4DD6
Request Chain 324
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3516034f14b304a9&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAACqLm9CWEgvgNvBoZ3AAAAAAA&expiration=1693880241&is_secure=true
Request Chain 325
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=38aa4246-e467-4cc5-9f7c-952976286688&expiration=1725416241
Request Chain 326
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7671167391070426394
Request Chain 332
  • https://match.adsrvr.org/track/cmf/openx?oxid=fcea82e9-40ca-3092-4f4e-697a40bb2f80&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7928e066-76a9-463e-af89-7ce88bea635d&ttd_puid=fcea82e9-40ca-3092-4f4e-697a40bb2f80&gdpr=0&gdpr_consent=
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOxrBZt74oeY9DAT_YDu4EM&google_cver=1
Request Chain 335
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4011881537103642354
Request Chain 336
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=3a2d6f47-f20d-4033-9be9-629d68a3e87f&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dgumgum2%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=Vzv7yYIb7id9re8oU3B80 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 337
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&obuid=ENC(313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3D313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=criteo&uid=6b3993bb-7262-427d-8897-2ad913a7b869&obUid=313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&platformId=GUMGU18H7EL9NI653I7DPEH51&initiator=platform
Request Chain 338
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
Request Chain 339
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76
Request Chain 340
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-q_GnEVZE2pelL9NY_GB_BwR3tHSl_dfnzKS_~A
Request Chain 341
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Request Chain 343
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVYEU6SRG5LUSOCRNU4XMV2RIFWE242MOA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVYEU6SRG5LUSOCRNU4XMV2RIFWE242MOA HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=pJzQ7WI8Qm9vWQAlMsLp
Request Chain 344
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=d28fcfe5-3705-4821-8ffc-49f439ce1b44
Request Chain 345
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=Fp0YLgfWeIDa&ev=1&pid=558355
Request Chain 346
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1869577055167662355
Request Chain 348
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZPU_MQAAAyPauwA4 HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=&gdpr_consent=&_test=ZPU_MQAAAyPauwA4
Request Chain 351
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=7928e066-76a9-463e-af89-7ce88bea635d
Request Chain 352
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPU.McCo5uYAAFGFxvUAAAAA
Request Chain 355
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2QjAxNzUtRDZBQS00NkI5LUEwQUQtQzJBOTMwQkY1Mjc2&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
Request Chain 356
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1693793841458 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4023070349 HTTP 302
  • https://sync.1rx.io/usersync/turn/7671167391070426394?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Request Chain 357
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=4011881537103642354&pn_id=an
Request Chain 359
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3Rc7eqqnn7qDpk7WJcMz HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4011881537103642354&pt=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C
Request Chain 360
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=qa45XtQKCxwmfyBqSHIl&pi=gumgum&tc=1
Request Chain 361
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 362
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4011881537103642354&gdpr=0&gdpr_consent=
Request Chain 363
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=14ea9e7f-9725-0dd7-0409-35e86112fbc3
Request Chain 364
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6275276a-1c31-4f7d-a3ea-7cf382941856
Request Chain 365
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=e8def573-4079-4fed-a230-54596150311f
Request Chain 366
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=1869577055167662355&gdpr=0&gdpr_consent=
Request Chain 367
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3Rc7eqqnn7qDpk7WJcMz&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 368
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212259677762089
Request Chain 369
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1693793841480 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=802866287 HTTP 302
  • https://sync.1rx.io/usersync/turn/7671167391070426394?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
Request Chain 371
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11575%26uid%3D%5BUSER_ID%5D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=325EFEFEE69D4CC091A3A44A64B0FD63
Request Chain 372
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2QjAxNzUtRDZBQS00NkI5LUEwQUQtQzJBOTMwQkY1Mjc2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
Request Chain 373
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=zgn5cAUresle&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 374
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rise?zcc=1&redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D&cb=1693793841494 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2366306222 HTTP 302
  • https://sync.1rx.io/usersync/turn/7671167391070426394?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
Request Chain 375
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=10cc90a5543d40bf1773b37f7cb6655&gdpr_consent=&gdpr=0
Request Chain 376
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Request Chain 378
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=7fd2fd0a-3037-41ee-a72d-cc602bef1832&gdpr=0
Request Chain 381
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 383
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21483%26id%3D%5BUSER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21483&id=325EFEFEE69D4CC091A3A44A64B0FD63
Request Chain 384
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=4011881537103642354
Request Chain 385
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2QjAxNzUtRDZBQS00NkI5LUEwQUQtQzJBOTMwQkY1Mjc2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
Request Chain 386
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=zgn5cAUresle&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Request Chain 387
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=91b287752595b0928c3fe9c48677b9d0
Request Chain 388
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=d28fcfe5-3705-4821-8ffc-49f439ce1b44
Request Chain 390
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
Request Chain 391
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=4011881537103642354 HTTP 302
  • https://cm.adform.net/cookie?&gdpr=0&gdpr_consent=&us_privacy=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/2/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=adform&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=3547929380008100760 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/3/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=index_rtb&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938 HTTP 302
  • https://rtb.openx.net/sync/prebid?&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/4/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=openx&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=c5340d26-f955-037b-24c2-a96fc1e0ed0d HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F5%252F38710%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%253De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D546B0175-D6AA-46B9-A0AD-C2A930BF5276 HTTP 302
  • https://prebid.a-mo.net/cchain/5/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276 HTTP 302
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/7/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=sovrn&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=HQzJeBZHuGCrpGR8Q52pzqdh HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&gdpr=0
Request Chain 392
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=HQzJeBZHuGCrpGR8Q52pzqdh
Request Chain 393
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
Request Chain 394
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=-6557616649119493033 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=b0231eb4-a9f2-53f7-952d-4f68f1d87159
Request Chain 395
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=6275276a-1c31-4f7d-a3ea-7cf382941856
Request Chain 396
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dminutemedia%26bsw_param%3De8def573-4079-4fed-a230-54596150311f%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=2c13604cc4584d1995e49827a64c2897&ssp=minutemedia&bsw_param=e8def573-4079-4fed-a230-54596150311f&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=e8def573-4079-4fed-a230-54596150311f
Request Chain 397
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3Rc7eqqnn7qDpk7WJcMz&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 398
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=65b360ed-3f58-0fc6-37d6-708d00b8a565
Request Chain 399
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=1869577055167662355&gdpr=0&gdpr_consent=
Request Chain 400
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=3934349205523529802736
Request Chain 401
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6XAST2KE3VOSJYKFWTS5SXKFAWYTLTJRYA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6XAST2KE3VOSJYKFWTS5SXKFAWYTLTJRYA HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=pJzQ7WI8Qm9vWQAlMsLp
Request Chain 402
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7653242496 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7928e066-76a9-463e-af89-7ce88bea635d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Request Chain 403
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
Request Chain 405
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=d3abac0a-72dc-4079-b6bf-3a54511c4e93
Request Chain 406
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212259677762089
Request Chain 408
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=shefinds.com&sn=ChromeSyncframe&so=0&topUrl=www.shefinds.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=JCIetXxaMFF5bVpsVGZiNUk0TzdjTGhwWDR6YUxMRWU5M3dkei9BZ0hHOUpKdkdJeGN0dVlRWVlNTFcxb3NFK3JEV0txS2w4V3l5OHU0NmRaU2JSWnpQSWEwYWpRaVRmM2ZOKzc2N1k4dUlyT2lIdkoyWWtBK04rTE5ZME41allCM3V5UkxSNWtNZVdMVEt6R0NVd0JjWkdEVnNZaUxTT1ZqTnF3K25aMkk3MzJzbVIvckI5SUF4WGlONjV4UE0ydlA4ZWRVaUdmdWcrYzlSNkxwdHZrOWNFeXlDei9QSlBhaFB5YWdpdmJvRFhNSU9Lb0Y0Zi9NYXVHSTM5ZzM0Z1ZiYVFMcmpYRmp4Zk04ZjdXellCajA1dEtoUT09fA&cppv=2
Request Chain 409
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 412
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 413
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b787e5ce-4065-0cf1-25cb-76bdb7170fd2
Request Chain 414
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-MjJj8ERE2uG26LattTglFSDPccItfil4~A
Request Chain 415
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=1696385841
Request Chain 416
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
Request Chain 417
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2QjAxNzUtRDZBQS00NkI5LUEwQUQtQzJBOTMwQkY1Mjc2&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
Request Chain 418
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553
Request Chain 419
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
Request Chain 422
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=4bywjpflk0hcx6zrrym79v937 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4bywjpflk0hcx6zrrym79v937
Request Chain 424
  • https://idsync.rlcdn.com/403716.gif?partner_uid=4bywjpflk0hcx6zrrym79v937 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGTRieXdqcGZsazBoY3g2enJyeW03OXY5MzcQABoNCLH81KcGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=85ee5936033e0c178eb23e14a086dbbc8bf7ff8b4a4bf12cb38be8c7024f72f5791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=85ee5936033e0c178eb23e14a086dbbc8bf7ff8b4a4bf12cb38be8c7024f72f5791426b5417dce21&rand=04969934 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=85ee5936033e0c178eb23e14a086dbbc8bf7ff8b4a4bf12cb38be8c7024f72f5791426b5417dce21&rand=04969934&expected_cookie=a2159579-e179-46ac-a581-32e54fcaa8a9
Request Chain 426
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=7928e066-76a9-463e-af89-7ce88bea635d
Request Chain 427
  • https://ad.turn.com/r/cs?pid=60 HTTP 302
  • https://sync.bfmio.com/sync?pid=169&uid=7671167391070426394
Request Chain 429
  • https://match.prod.bidr.io/cookie-sync/bch HTTP 303
  • https://match.prod.bidr.io/cookie-sync/bch?_bee_ppp=1 HTTP 303
  • https://sync.bfmio.com/sync?pid=168&uid=AAEzzU7J6nwAACbk4ScR2w
Request Chain 430
  • https://www.storygize.net/ccm/ab07fd15-2039-48b6-b2a2-4c9d1869ba93 HTTP 302
  • https://www.storygize.net/csr?r=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D178%26uid%3Df3ecbccc-aea0-40f7-af63-e68aebb6f2f1 HTTP 302
  • https://sync.bfmio.com/sync?pid=178&uid=f3ecbccc-aea0-40f7-af63-e68aebb6f2f1
Request Chain 431
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=B8C43B19-109C-445A-B4F6-EE6B3765AF18&rurl=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D166%26uid%3D%24%24visitor_cookie%24%24 HTTP 302
  • https://sync.bfmio.com/sync?pid=166&uid=2c13604cc4584d1995e49827a64c2897
Request Chain 432
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=N2dIY25XRlNnRlhoTWRTSHFhS1drZw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAxQmIhGF8zzjaf4HKYK258&google_cver=1
Request Chain 433
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=3e3e5d83873206f4&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAACqLm9CWEgwgMARrNJAAAAAAA&expiration=1693880241&nuid=&is_secure=true
Request Chain 439
  • https://um.simpli.fi/lj_match?r=1693793841383&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=C0079F51A67C45978E5DF77E05DE4DD6
Request Chain 440
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=zgn5cAUresle&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 441
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=XDfmHVlmsxhHMLYRDDutSVg74hFHZeVJW2cpQXEK
Request Chain 442
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8946715365 HTTP 302
  • https://sync.1rx.io/usersync/turn/7671167391070426394?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Request Chain 443
  • https://id5-sync.com/i/1173/8.gif?id5id=ID5*M9P78xF7zartpS38R_iQqtcv4ZpVZ1lPz8J6Zp8nosZfVchjY0UR50Tol2ll1SFPX1aKdltd9DVout0-zBSBcg&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F3%2F7%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1173/3/7/2.gif?puid=789c64f5-3e31-4100-b68c-6bef558fd551&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/1173/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1173/2/6/3.gif?puid=4011881537103642354&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F434%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/1173/434/5/4.gif?puid=6275276a-1c31-4f7d-a3ea-7cf382941856&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=4011881537103642354&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F1246%2F4%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/1173/1246/4/5.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAEzzU7J6nwAACbk4ScR2w&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/1173/429/2/7.gif?puid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%%
Request Chain 445
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4011881537103642354
Request Chain 446
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Request Chain 447
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPU_MQAAAyPauwA4
Request Chain 448
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6wZ77XdxVwJpBPGiE6JmkSaEdkw
Request Chain 449
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Request Chain 450
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=
Request Chain 452
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LM494BTJ-1P-8OPA HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LM494BTJ-1P-8OPA&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 455
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D441%26segid%3D21144%2C21967%2C32638%2C32745%2C33093%2C33097%2C33495%2C33515%2C34895%2C35238%2C38317%2C38334 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21144,21967,32638,32745,33093,33097,33495,33515,34895,35238,38317,38334
Request Chain 456
  • https://um4.eqads.com/um/cs HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=954cc683-4c37-4611-8406-3ce451d1e04b&expiration=1701656241
Request Chain 458
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM494BTJ-1P-8OPA&us_privacy=1---
Request Chain 459
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMtJlAKG67RU_1iH2_oYVc&google_cver=1
Request Chain 460
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LpjUiR-4Y5E41ZCckhc618n5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ak0yNAxE2oJbAhbrDHCoOBb9YkUf2eYBj8ecxg--~A
Request Chain 461
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&gdpr_consent=&expires=30
Request Chain 463
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xAZL0qlLT_2C2-FpFJZYaA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xAZL0qlLT_2C2-FpFJZYaA
Request Chain 464
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmNlNjFjNmFkOTI1NGI1N2I2M2JiMTFlZmMzOTI3NTE0MjA0YjQ1Zg&us_privacy=1---
Request Chain 465
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE00OTRCVEotMVAtOE9QQQ==&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF64KM8Y6EMI5uDlXN6idpY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00OTRCVEotMVAtOE9QQQ==&google_push=
Request Chain 469
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VGsBddaqRrmgrcKpML9Sdg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 470
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=546B0175-D6AA-46B9-A0AD-C2A930BF5276 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=37325644865334343530996390913382611896&pt=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C
Request Chain 473
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2QjAxNzUtRDZBQS00NkI5LUEwQUQtQzJBOTMwQkY1Mjc2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7671167391070426394&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=10c3ae70f05904a9&is_secure=true&networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACfs2zcBQ3fwN3KdwnAAAAAAA&expiration=1693880243&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBIFCuL02ctOmxY2EnZKdvU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7671167391070426394&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6bdc6534928106f4&is_secure=true&networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABp91Ff6SkOQMg0_wWAAAAAAA&expiration=1693880243&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=4a128e3b-88fd-4575-854f-3b7c5c958939&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 475
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C0079F51A67C45978E5DF77E05DE4DD6 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Request Chain 476
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7671167391070426394&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5adc93bef05d0706&is_secure=true&networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACqLm9CWEhUAMIhyVHAAAAAAA&expiration=1693880243&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968907269421605264&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 495
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LM494BTJ-1P-8OPA HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LM494BTJ-1P-8OPA
Request Chain 497
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=3367954411524477000V10
Request Chain 517
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LM494BTJ-1P-8OPA HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM494BTJ-1P-8OPA
Request Chain 518
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LM494BTJ-1P-8OPA HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LM494BTJ-1P-8OPA
Request Chain 519
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LM494BTJ-1P-8OPA HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
Request Chain 528
  • https://feed.pghub.io/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22fashion%22%7D HTTP 302
  • https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22fashion%22%7D
Request Chain 533
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq98TLzAEQsAkYsAkyCL7QyPRNNYKU HTTP 301
  • https://tpc.googlesyndication.com/simgad/9832126723343678101
Request Chain 537
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=a92cfd8f-8d8d-06f2-1037-e98979204e58 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a92cfd8f-8d8d-06f2-1037-e98979204e58
Request Chain 538
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=4011881537103642354
Request Chain 539
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7671167391070426394&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 540
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZPU_MQAAAyPauwA4
Request Chain 541
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness%252522%25253A%252522%252522%25252C%252522brands%252522%25253A%25255B%25255D%25252C%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7928e066-76a9-463e-af89-7ce88bea635d&ttd_puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
Request Chain 553
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq98TLzAEQsAkYsAkyCL7QyPRNNYKU HTTP 301
  • https://tpc.googlesyndication.com/simgad/9832126723343678101
Request Chain 575
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 579
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CM-1zMT71ZOjQB9DtzwWRrbeIBufu7tlynqfppqYRue7wyKoBEAEggMz4HmDJhoCA3KPEEKABocCY8SjIAQngAgCoAwHIA8sEqgT3AU_QlUB74lYTEMV_APu0u8zW72W40bzIwciDV9RK4WRwSAbT7eCJnHEtaCFsmtzmcfMxMls_tVhyujDdnuUa3mj59W32EiedvEDizeFJAUvLiXL1MRBT-feRjzTOTqUdgvZsVunbl2PJNr9NYQy5goPGCKXWZOOSHmFogF2oTpiBdtJv9wEYut1OqvRWbjWvXFAFro2K7jL5ri2eyy51nWDZFsyURXzwU2xWPihNcKy7CRoJN9q_8qABU7mo201WO1CQbEWQ_0F4uj5Zl1LmAjdOeYqyRBY5vHIKqnhF3l8EeoEpVmNpljL2kbTBW1HxDlRubAs-0bTABK3y3OGuBOAEAYgFptuOikuSBQQIBBgBkgUECAUYBKAGLoAHjvC4ngSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQjoAm0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTM1MTIwMDI5Nzg2NjIyNzOaCf4BaHR0cHM6Ly93d3cudGVtdS5jb20va3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0yMTF-ZW5-VVNEJmdvb2RzX2lkPTYwMTA5OTUxNTg3NTI4NiZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2QzMjY5MTMtMSZ0b3BpY19jbGFzc2lmeT0xMjCACgPICwHaDBEKCxDAp9vyndHziswBEgIBA9gTDNAVAYAXAbIXHgocCAASFHB1Yi05NDg5NjIxNzU1NjA1MzQ4GL7DEg&sigh=NbeH0_FG1dU&uach_m=[UACH]&ase=2&cid=CAQSXgBpAlJWHLdkgd4HpCQ4CatwUr1uXqGj84qxebsFFVR-3PdjH44hlqWu3jHUonlQd6X2P2a_TnLiN21ngUr0sIHF9n4WKh2bHGMZ8zXgM4GfaXsywgJQlVC0X20nYG0YAQ&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc2efdb6aeda07fb0000000000000000%22,%222%22:%220xa278e52a2e87ce040000000000000000%22,%223%22:%220xc2fe126f530a7ebe0000000000000000%22,%224%22:%220x4912f5c659c5fbed0000000000000000%22,%225%22:%220xf3133837edf98f40000000000000000%22},%22debug_key%22:%2212298511281680659660%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215981831421006668529%22}&andc=true
Request Chain 597
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=7928e066-76a9-463e-af89-7ce88bea635d
Request Chain 598
  • https://id5-sync.com/s/441/9.gif?puid=u_db626397-f440-4bdf-8b4a-d5a003334797&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAEzzU7J6nwAACbk4ScR2w&id5AccountNum=155&numCascadesAllowed=9
Request Chain 599
  • https://id5-sync.com/s/441/9.gif?puid=u_ba28544a-ba89-4c0f-880d-1f5015d18911&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/8/2.gif?puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AAEzzU7J6nwAACbk4ScR2w&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F6%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1241/6/4.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F4%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/796/4/6.gif?puid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AAEzzU7J6nwAACbk4ScR2w&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1241/3/7.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F2%2F8.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/203/2/8.gif?puid=6b3993bb-7262-427d-8897-2ad913a7b869&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AAEzzU7J6nwAACbk4ScR2w&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1241/1/9.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1242/0/10.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent=
Request Chain 600
  • https://id5-sync.com/s/441/9.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/796/8/2.gif?puid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F6%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/6/4.gif?puid=d28fcfe5-3705-4821-8ffc-49f439ce1b44&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/4/6.gif?puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%% HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F2%2F8.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/203/2/8.gif?puid=6b3993bb-7262-427d-8897-2ad913a7b869&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%% HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&consent=&id5id=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
Request Chain 601
  • https://id5-sync.com/s/441/9.gif?puid=u_0527843c-eb64-4ee8-996b-b7931f16ad27&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%% HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F796%2F2%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1173/796/2/7.gif?puid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F203%2F1%2F8.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/1173/203/1/8.gif?puid=6b3993bb-7262-427d-8897-2ad913a7b869&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F796%2F0%2F9.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1173/796/0/9.gif?puid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent=
Request Chain 602
  • https://id5-sync.com/s/441/9.gif?puid=u_548f6681-f31c-4651-8513-e46920dfb6f1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%% HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1173%2F124%2F2%2F7.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/1173/124/2/7.gif?puid=d28fcfe5-3705-4821-8ffc-49f439ce1b44&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/1173/429/1/8.gif?puid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F441%2F0%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1173/441/0/9.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent=
Request Chain 603
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CxTuPMT71ZObQB9DtzwWRrbeIBufu7tlynqfppqYRue7wyKoBEAEggMz4HmDJhoCA3KPEEKABocCY8SjIAQbgAgCoAwHIA8MEqgT0AU_QfRhLY_z80Bw1y5O0UjFMm6t9GjzwJJ3tHR5YBeZ_LUhqJhR1ttIxyu-tdyMoLucRxeKdz3WOt3kSNN_v9cA97j0OGkyc3OJeJgZqy1QZvX6ahyYKPKRBPLue8we9AJTQlP7y3xVMZWYGuRBsSPeNaJ3WEjAu15eRYDIlwow0fVjbYYxV7JdEp_eD9BtFxYDK0agudXbHxnjph5PPIBrWIP4X_QWLJJOp28k5YI-r2EH4GJM1-560CTHRnjgmSqlXLL7A6GSgZrZ78SNxnJrrzFK2Zzd5KHvGosplFQSvWNfwqHT8EtaryfI7rnigFRy8s9vABK3y3OGuBOAEAYgFptuOikuSBQQIBBgBkgUECAUYBKAGN4AHjvC4ngSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQuvFO0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTM1MTIwMDI5Nzg2NjIyNzOaCf4BaHR0cHM6Ly93d3cudGVtdS5jb20va3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0yMTF-ZW5-VVNEJmdvb2RzX2lkPTYwMTA5OTUxNTg3NTI4NiZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2QzMjY5MTMtMSZ0b3BpY19jbGFzc2lmeT0xMjCACgPICwHaDBEKCxCg5OGJr9OjiIYBEgIBA9gTDNAVAYAXAbIXHgocCAASFHB1Yi05NDg5NjIxNzU1NjA1MzQ4GL7DEg&sigh=kWrlHzAEEjQ&uach_m=[UACH]&ase=2&cid=CAQSXgBpAlJWHLdkgd4HpCQ4CatwUr1uXqGj84qxebsFFVR-3PdjH44hlqWu3jHUonlQd6X2P2a_TnLiN21ngUr0sIHF9n4WKh2bHGMZ8zXgM4GfaXsywgJQlVC0X20nYG0YAQ&template_id=493&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc2efdb6aeda07fb0000000000000000%22,%222%22:%220xa278e52a2e87ce040000000000000000%22,%223%22:%220xc2fe126f530a7ebe0000000000000000%22,%224%22:%220x4912f5c659c5fbed0000000000000000%22,%225%22:%220xf3133837edf98f40000000000000000%22},%22debug_key%22:%227456045907539866766%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210080939116944098913%22}&andc=true
Request Chain 611
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7928e066-76a9-463e-af89-7ce88bea635d&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 612
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 613
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGJ9ndNU06XGIuOwvzt_ovs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 614
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D
Request Chain 616
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3934349205523529802736&gdpr=0&gdpr_consent= HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=e8def573-4079-4fed-a230-54596150311f&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dtriplelift%26bsw_param%3De8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=triplelift&bsw_param=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=e8def573-4079-4fed-a230-54596150311f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 617
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3934349205523529802736?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-oeTwoP5E2oQirhVxJIMp6LtveIKWIs8IMiJStnUJJw--~A&dongle=0883
Request Chain 619
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=6b3993bb-7262-427d-8897-2ad913a7b869&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 620
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4011881537103642354&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 623
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7928e066-76a9-463e-af89-7ce88bea635d&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 624
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 625
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGJ9ndNU06XGIuOwvzt_ovs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 626
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D
Request Chain 628
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3934349205523529802736&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e8def573-4079-4fed-a230-54596150311f&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10599855045206035720&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=e8def573-4079-4fed-a230-54596150311f&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 629
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3934349205523529802736?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-oeTwoP5E2oQirhVxJIMp6LtveIKWIs8IMiJStnUJJw--~A&dongle=0883
Request Chain 631
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=6b3993bb-7262-427d-8897-2ad913a7b869&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 632
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4011881537103642354&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 637
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&us_privacy=1--- HTTP 302
  • https://match.justpremium.com/match/gg?jp_uid=r-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036&ex_uid=u_5acc3aaa-1709-48bc-996d-7993392c2d49
Request Chain 644
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 645
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b787e5ce-4065-0cf1-25cb-76bdb7170fd2
Request Chain 646
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-MjJj8ERE2uG26LattTglFSDPccItfil4~A
Request Chain 647
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=1696385844
Request Chain 648
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
Request Chain 649
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D546B0175-D6AA-46B9-A0AD-C2A930BF5276 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Request Chain 650
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553
Request Chain 651
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
Request Chain 655
  • https://idsync.rlcdn.com/403716.gif?partner_uid=4bywjpflk0hcx6zrrym79v937 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPB-au-2J0mhh3YOehAXjCI&google_cver=1
Request Chain 664
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4011881537103642354
Request Chain 665
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e809844b-aeaa-4e32-a1cb-4bc5246812a0&ssp=gumgum2&expires=30&user_group=5&bsw_param=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 666
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&obuid=ENC(313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3D313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO%26gdpr%3D0%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&obUid=313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 667
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
Request Chain 668
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76
Request Chain 669
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-q_GnEVZE2pelL9NY_GB_BwR3tHSl_dfnzKS_~A
Request Chain 670
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Request Chain 672
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Request Chain 675
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1&rd=1
Request Chain 676
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Request Chain 679
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
Request Chain 680
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=zgn5cAUresle&ev=1&us_privacy=1---&pid=562983
Request Chain 682
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=4011881537103642354
Request Chain 683
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=1869577055167662355
Request Chain 684
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOONSWKZDUMFTS4Y3PNUXWG4ZPMNXW623JMVZXS3TDF5XXK5DCOJQWS3R7MNUGC3TOMVWHK2LEHVYEU6SRG5LUSOCRNU4XMV2RIFWE242MOATGK6DDNBQW4Z3FHVZWKZLEORQWOJTHMRYHEPJQEZ2XGX3QOJUXMYLDPE6TCLJNFU&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOONSWKZDUMFTS4Y3PNUXWG4ZPMNXW623JMVZXS3TDF5XXK5DCOJQWS3R7MNUGC3TOMVWHK2LEHVYEU6SRG5LUSOCRNU4XMV2RIFWE242MOATGK6DDNBQW4Z3FHVZWKZLEORQWOJTHMRYHEPJQEZ2XGX3QOJUXMYLDPE6TCLJNFU HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=pJzQ7WI8Qm9vWQAlMsLp&gdpr=0&us_privacy=1---
Request Chain 685
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=7928e066-76a9-463e-af89-7ce88bea635d
Request Chain 686
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2940fdbe-e48c-4339-a0ac-04f2fd9d5fc9&user_group=1&ssp=seedtag&bsw_param=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=
Request Chain 688
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=7928e066-76a9-463e-af89-7ce88bea635d
Request Chain 690
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=d28fcfe5-3705-4821-8ffc-49f439ce1b44
Request Chain 691
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
Request Chain 692
  • https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
Request Chain 693
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID HTTP 303
  • https://s.seedtag.com/cs/cookiesync/adform?channeluid=3547929380008100760
Request Chain 694
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID HTTP 307
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=HQzJeBZHuGCrpGR8Q52pzqdh
Request Chain 695
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=aeb3dbbf-9971-0447-19d7-dabe2058df30
Request Chain 696
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mka1c417f5f6be44b981c906350ba5cfaf
Request Chain 697
  • https://creativecdn.com/cm-notify?pi=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=qa45XtQKCxwmfyBqSHIl&pi=seedtag
Request Chain 698
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUf145c78f92fa42b288627a33f5e584ec
Request Chain 700
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=0&gdpr_consent=
Request Chain 702
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1--- HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEzzU7J6nwAACbk4ScR2w&expiration=1695003444&us_privacy=1---
Request Chain 703
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709518644&external_user_id=0a80450f-9a45-46a8-b0ba-1e6a38dde008
Request Chain 704
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&us_privacy=1--- HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=30046c42-4ac9-11ee-ba0a-6250e198ad71
Request Chain 705
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1--- HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=3SV3kkOj1QCZ9y5&us_privacy=1---
Request Chain 707
  • https://match.deepintent.com/usersync/113?us_privacy=1--- HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
Request Chain 709
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&us_privacy=1--- HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4011881537103642354&us_privacy=1---
Request Chain 711
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D32%26type%3Diframe%26id%3D%24UID%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=4011881537103642354&auxuid=
Request Chain 713
  • https://sync.smartadserver.com/getuid?gdpr_consent=&url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D45%26type%3Diframe%26id%3D%5Bsas_uid%5D%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=45&type=iframe&id=1869577055167662355&auxuid=
Request Chain 714
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=skJudSCZ30&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D108%26type%3Diframe%26id%3D%5BPDID%5D%26auxuid%3D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer= HTTP 303
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1869577055167662355
Request Chain 715
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2064%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=632308182 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2064/789c64f5-3e31-4100-b68c-6bef558fd551?zcc=0&sspret=1
Request Chain 716
  • https://match.sharethrough.com/universal/v1?supply_id=49574e61&gdpr=&gdpr_consent=&tappx=1 HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=80&id=5006350c-a261-44d7-84dd-dbea8f08b6e4
Request Chain 717
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D28%26type%3Diframe%26id%3D%24UID%26auxuid%3D&gdpr=&gdpr_consent= HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=3934349205523529802736&auxuid=
Request Chain 718
  • https://s.c.appier.net/tappx HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=728&id=s7nypE8-D5-hKIUNNT71ZA
Request Chain 719
  • https://ad.360yield.com/server_match?partner_id=1934&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D253%26type%3Diframe%26id%3D%7BPUB_USER_ID%7D%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=d28fcfe5-3705-4821-8ffc-49f439ce1b44&auxuid=
Request Chain 720
  • https://ads.betweendigital.com/match?bidder_id=43929&callback_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D724%26type%3Diframe%26id%3D%24%7BUSER_ID%7D%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=b0231eb4-a9f2-53f7-952d-4f68f1d87159&auxuid=
Request Chain 721
  • https://t.adx.opera.com/pub/sync?pubid=pub6192414557248&gdpr=&consent=&us_privacy={{US_PRIVACY}} HTTP 302
  • https://ssp.api.tappx.com/cs/usync?consent=&gdpr=&id=OPU7a960d576c444aa68d904f18f36ecd5a&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
Request Chain 723
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4011881537103642354&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 724
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4011881537103642354&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 725
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=qa45XtQKCxwmfyBqSHIl&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Request Chain 727
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadyoulike%26bsw_param%3De8def573-4079-4fed-a230-54596150311f%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=2c13604cc4584d1995e49827a64c2897&ssp=adyoulike&bsw_param=e8def573-4079-4fed-a230-54596150311f&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=e8def573-4079-4fed-a230-54596150311f&name=BIDSWITCH&gdpr=0&gdpr_consent=
Request Chain 728
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=7928e066-76a9-463e-af89-7ce88bea635d&name=THE_TRADE_DESK
Request Chain 729
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAEzzU7J6nwAACbk4ScR2w&name=BEESWAX
Request Chain 730
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af9e62c4ae76bee5b9517c4ef4%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=294eef79fe6e6c3b9a340b25c294c68b&gdpr=0&gdpr_consent=
Request Chain 731
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Request Chain 733
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGM5SHA4R5GATGOZDQOJPWG33OONSW45B5EZXGC3LFHVNEKTKBJZKECX2OIFKESVSFL4YV6MRGOR2GYPJXGIYCM5LJMQ6WMMTEHEYTGNTDMY2TGZDFMRSTOZRYGNRGCMJWGE3TCYJTG5TGIZBGOZUXG2LUN5ZD24CKPJITOV2JHBIW2OLWK5IUC3CNONGHA&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGM5SHA4R5GATGOZDQOJPWG33OONSW45B5EZXGC3LFHVNEKTKBJZKECX2OIFKESVSFL4YV6MRGOR2GYPJXGIYCM5LJMQ6WMMTEHEYTGNTDMY2TGZDFMRSTOZRYGNRGCMJWGE3TCYJTG5TGIZBGOZUXG2LUN5ZD24CKPJITOV2JHBIW2OLWK5IUC3CNONGHA HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr=0&gdpr_consent=&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=pJzQ7WI8Qm9vWQAlMsLp
Request Chain 735
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 736
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=2c13604cc4584d1995e49827a64c2897&gdpr=0&gdpr_consent=
Request Chain 737
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=3411b08f-c53d-4f81-a57c-759cc8a2dbdb&gdpr=0&gdpr_consent=
Request Chain 739
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=b0231eb4-a9f2-53f7-952d-4f68f1d87159&name=BETWEENX&gdpr=0&gdpr_consent=
Request Chain 740
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=6bd378a7-55b8-474b-b8db-de7ae9eca2ad&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 743
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377150691978257
Request Chain 745
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=2710a000-cfcc-4fa3-9ebf-7e20a62c118d
Request Chain 746
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4011881537103642354
Request Chain 748
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
Request Chain 751
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1--- HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEzzU7J6nwAACbk4ScR2w&expiration=1695003444&us_privacy=1---
Request Chain 752
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709518644&external_user_id=13b8a4b4-b9b3-4619-9b4b-4e8a29adbfd0
Request Chain 753
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&us_privacy=1--- HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=30046c42-4ac9-11ee-ba0a-6250e198ad71
Request Chain 754
  • https://match.deepintent.com/usersync/113?us_privacy=1--- HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
Request Chain 758
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2810316564796538587
Request Chain 762
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=7928e066-76a9-463e-af89-7ce88bea635d
Request Chain 764
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D50%26type%3Diframe%26id%3D%24UID%26auxuid%3D HTTP 303
  • https://ssp.api.tappx.com/cs/usync?idmn=50&type=iframe&id=3547929380008100760&auxuid=
Request Chain 766
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=tappx&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Request Chain 767
  • https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D13%26type%3Diframe%26id%3D%24UID%26auxuid%3D HTTP 307
  • https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HQzJeBZHuGCrpGR8Q52pzqdh&auxuid=
Request Chain 768
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Request Chain 772
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 773
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 774
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 776
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFenpVN0o2bndBQUNiazRTY1Iydw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEzzU7J6nwAACbk4ScR2w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1869577055167662355&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAEzzU7J6nwAACbk4ScR2w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1869577055167662355%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1869577055167662355&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEzzU7J6nwAACbk4ScR2w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1869577055167662355%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1869577055167662355&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAEzzU7J6nwAACbk4ScR2w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEzzU7J6nwAACbk4ScR2w&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3547929380008100760 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Request Chain 777
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4011881537103642354&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 778
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=30046c42-4ac9-11ee-ba0a-6250e198ad71
Request Chain 779
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_4180617bbf17460393dff HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 780
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eG5vbn0_OmtjaT9iKGIkOnxia2JjPGw6fz5nywKv HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 782
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 784
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&vxii_pid=12&vxii_pid1=10067&vxii_rcid=15c55c92-fb26-49ab-9c1d-66f09685044d
Request Chain 788
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://a.usbrowserspeed.com/cs?puid=42243296-7b04-5b95-89b6-466ebf42f3c3&pid=lc&r=https%3a%2f%2fmatch%2eprod%2ebidr%2eio%2fcookie%2dsync%2ffivebyfive%3fr%3dhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526bidswitch_ssp_id%253dpubmatic HTTP 302
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic HTTP 303
  • https://a.usbrowserspeed.com/cs?puid=AAEzzU7J6nwAACbk4ScR2w&pid=beeswax&r=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26bidswitch_ssp_id%3Dpubmatic HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=5ba5167a-a1f7-4992-a28e-f709ca5f9046&expires=5&user_group=0&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 790
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10874B36B_F6275555&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 798
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3547929380008100760&gdpr=0&gdpr_consent=
Request Chain 799
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
Request Chain 805
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D631495%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=4011881537103642354
Request Chain 807
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 808
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693793844913.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 809
  • https://ssc-cms.33across.com/ps/?_=1693793844913.&ri=0010b00001siQHqAAM&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212259677762089&auxuid=
Request Chain 810
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=e8def573-4079-4fed-a230-54596150311f&google_hm=ZThkZWY1NzMtNDA3OS00ZmVkLWEyMzAtNTQ1OTYxNTAzMTFm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEtw_A56VWyshdgAPDjm35M&google_cver=1&ssp=the33across&bsw_param=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e8def573-4079-4fed-a230-54596150311f&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 811
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP%7EA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 812
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4aed342139a106f4&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAACqLm9CWEhrQNxpcDFAAAAAAA&expiration=1693880245&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACqLm9CWEhrQNxpcDFAAAAAAA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 813
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=3934349205523529802736 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3934349205523529802736&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 814
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 815
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=7928e066-76a9-463e-af89-7ce88bea635d&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e8def573-4079-4fed-a230-54596150311f&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 816
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP%7EA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 817
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=37f863d519c90706&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAACqLm9CWEhtQNe8wDAAAAAAAA&expiration=1693880245&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACqLm9CWEhtQNe8wDAAAAAAAA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 818
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=3934349205523529802736 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3934349205523529802736&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 819
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693793844913.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 820
  • https://ssc-cms.33across.com/ps/?_=1693793844913.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=212259677762089
Request Chain 824
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&us_privacy=1---&khaos=LM494BTJ-1P-8OPA HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LM494BTJ-1P-8OPA&us_privacy=1---
Request Chain 826
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=3934349205523529802736
Request Chain 828
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=c5340d26-f955-037b-24c2-a96fc1e0ed0d
Request Chain 829
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&rndcb=6763225531 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3547929380008100760&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/e8def573-4079-4fed-a230-54596150311f?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Request Chain 830
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636%2526visitor%253D%257Buid%257D%2526name%253DOPENWEB HTTP 302
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=257707a9de85b7d4&name=OPENWEB
Request Chain 832
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-3kDPGTXcsSsOt9IIysDWu4dmNYrRL7yPBhS09A&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e8def573-4079-4fed-a230-54596150311f&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 833
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A&gdpr=0
Request Chain 834
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LM494BTJ-1P-8OPA&gdpr=0&us_privacy=1---
Request Chain 835
  • https://id.a-mx.com/u?&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=amx_com&uid=
Request Chain 836
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=smartadserver&uid=1869577055167662355
Request Chain 843
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Request Chain 844
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2940fdbe-e48c-4339-a0ac-04f2fd9d5fc9&user_group=1&ssp=gumgum2&bsw_param=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 845
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
Request Chain 846
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_4180617bbf17460393dff
Request Chain 847
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=zgn5cAUresle&ev=1&pid=558355
Request Chain 848
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1869577055167662355
Request Chain 853
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPU.McCo5uYAAFGFxvUAAAAA
Request Chain 855
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=qa45XtQKCxwmfyBqSHIl&pi=gumgum
Request Chain 856
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=&gdpr_consent=
Request Chain 859
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
Request Chain 860
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=818970230e
Request Chain 861
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5006350c-a261-44d7-84dd-dbea8f08b6e4
Request Chain 862
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b0231eb4-a9f2-53f7-952d-4f68f1d87159
Request Chain 863
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzJeBZHuGCrpGR8Q52pzqdh
Request Chain 864
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
Request Chain 865
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4011881537103642354
Request Chain 867
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LM494BTJ-1P-8OPA HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LM494BTJ-1P-8OPA&name=RUBICON&gdpr=0&us_privacy=1---
Request Chain 868
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=tappx&us_privacy=1---&khaos=LM494BTJ-1P-8OPA HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=52&id=LM494BTJ-1P-8OPA&us_privacy=1---
Request Chain 871
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 879
  • https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAEzzU7J6nwAACbk4ScR2w
Request Chain 880
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1869577055167662355
Request Chain 881
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=7928e066-76a9-463e-af89-7ce88bea635d
Request Chain 888
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=50471763-5852-15a4-b867-228965766f42 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0kfrvsng9khw0
Request Chain 889
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=e364b60c-12b0-0cdc-39db-f23ba48921b1&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZPU-NcFaWZMhnQFsPQK1N_1u
Request Chain 890
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=I7wI1elMibypOiXNk6IVOg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 891
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Request Chain 892
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=
Request Chain 895
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 896
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7671167391070426394&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 897
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OBFHUUJXK5ETQULNHF3FOUKBNRGXGTDQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OBFHUUJXK5ETQULNHF3FOUKBNRGXGTDQ HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pJzQ7WI8Qm9vWQAlMsLp
Request Chain 898
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&dongle=4430
Request Chain 901
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 905
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3547929380008100760 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Request Chain 906
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&rndcb=1624172726 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3547929380008100760&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/e8def573-4079-4fed-a230-54596150311f?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Request Chain 911
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 912
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7671167391070426394&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 913
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OBFHUUJXK5ETQULNHF3FOUKBNRGXGTDQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OBFHUUJXK5ETQULNHF3FOUKBNRGXGTDQ HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pJzQ7WI8Qm9vWQAlMsLp
Request Chain 914
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&dongle=4430
Request Chain 917
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 920
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&us_privacy=1---&khaos=LM494BTJ-1P-8OPA HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LM494BTJ-1P-8OPA HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LM494BTJ-1P-8OPA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 921
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=index&bsw_param=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dindex%26bsw_param%3De8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://rtb2-useast.marketiq.com/sync?adkuid=A8961146309600924623&exchange=685&ssp=index&bsw_param=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A8961146309600924623&expires=5&ssp=index&bsw_param=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 922
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZPU.MAL8NXL8cEAE-8TFkQAA%26938&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d32fa22b-0d5e-4f29-9a14-567781a29849-tuctbeec3b5
Request Chain 923
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZPU.MAL8NXL8cEAE-8TFkQAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZPU.MAL8NXL8cEAE-8TFkQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104813317142
Request Chain 924
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD24CKPJITOV2JHBIW2OLWK5IUC3CNONGHA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD24CKPJITOV2JHBIW2OLWK5IUC3CNONGHA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=pJzQ7WI8Qm9vWQAlMsLp
Request Chain 925
  • https://rtb.adentifi.com/CookieIndex HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_3003c761-4ac9-11ee-ba9f-12fa6b58ae11
Request Chain 926
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Request Chain 930
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938&gpp_sid=&us_privacy=&gpdr=
Request Chain 931
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1869577055167662355&gdpr=0&gdpr_consent=
Request Chain 933
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD24CKPJITOV2JHBIW2OLWK5IUC3CNONGHA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD24CKPJITOV2JHBIW2OLWK5IUC3CNONGHA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=pJzQ7WI8Qm9vWQAlMsLp
Request Chain 936
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Request Chain 937
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Request Chain 944
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=818970230e
Request Chain 945
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Request Chain 946
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1693793846656.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Request Chain 947
  • https://ssc-cms.33across.com/ps/?_=1693793846656.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=212259677762089
Request Chain 948
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1696385846%26external_user_id%3D7928e066-76a9-463e-af89-7ce88bea635d HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1696385846&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d
Request Chain 949
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1693793846656.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=1---&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=2&external_user_id=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
Request Chain 950
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=45&xu=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&ts=1693793846&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 951
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=6wZ77XdxVwJpBPGiE6JmkSaEdkw&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=6wZ77XdxVwJpBPGiE6JmkSaEdkw&ts=1693793846&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 952
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1693793846656.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=90&external_user_id=4011881537103642354
Request Chain 955
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=3SV3kkOj1QCZ9y5
Request Chain 956
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3547929380008100760
Request Chain 957
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=N9KNTTKD2Egs1d1BZ97GGTPeiUEsgI4ZMIKl80Nv
Request Chain 958
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=4a128e3b-88fd-4575-854f-3b7c5c958939&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 959
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=968907269421605264
Request Chain 960
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=C0079F51A67C45978E5DF77E05DE4DD6
Request Chain 961
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=fc5c5e6d-7710-0ae3-0dc8-957cca2dee6f HTTP 303
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=d3cf66ec-fc8a-455f-b615-5cc76c73542a&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=e8def573-4079-4fed-a230-54596150311f HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=d3cf66ec-fc8a-455f-b615-5cc76c73542a HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=liveintent&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=e8def573-4079-4fed-a230-54596150311f&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dliveintent%26bsw_param%3De8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=liveintent&bsw_param=e8def573-4079-4fed-a230-54596150311f HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e8def573-4079-4fed-a230-54596150311f
Request Chain 970
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=skJudSCZ30&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D108%26type%3Diframe%26id%3D%5BPDID%5D%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=77b813dd-875f-4c75-8e07-1zz1693793603&auxuid=
Request Chain 971
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&rndcb=7291739752 HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LM494BTJ-1P-8OPA HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=162&type=iframe&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&auxuid=
Request Chain 976
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6wZ77XdxVwJpBPGiE6JmkSaEdkw&gdpr=0&gdpr_consent=
Request Chain 977
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3SV3kkOj1QCZ9y5&gdpr=0&gdpr_consent=
Request Chain 978
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Request Chain 979
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907269421605264
Request Chain 980
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=38aa4246-e467-4cc5-9f7c-952976286688&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Request Chain 981
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7a960d576c444aa68d904f18f36ecd5a
Request Chain 982
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=822873238760
Request Chain 985
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=s7nypE8-D5-hKIUNNT71ZA
Request Chain 988
  • https://idsync.rlcdn.com/712188.gif?partner_uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent= HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=7928e066-76a9-463e-af89-7ce88bea635d
Request Chain 994
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D631495%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=4011881537103642354
Request Chain 998
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzJeBZHuGCrpGR8Q52pzqdh
Request Chain 999
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=818970230e
Request Chain 1000
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b0231eb4-a9f2-53f7-952d-4f68f1d87159
Request Chain 1001
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
Request Chain 1002
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4011881537103642354
Request Chain 1003
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5006350c-a261-44d7-84dd-dbea8f08b6e4
Request Chain 1004
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
Request Chain 1008
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 1012
  • https://ums.acuityplatform.com/tum?umid=8&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822873281840
Request Chain 1015
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Request Chain 1025
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Request Chain 1029
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Request Chain 1032
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=-EKJ4P0T3OXjRdnsqE7CtPxOjezjEIq0_xKE9JeM
Request Chain 1033
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=23a1aa33e7ec0706&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAABp91Ff6SlJQNp76bpAAAAAAA&expiration=1693880247&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 1034
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAEzzU7J6nwAACbk4ScR2w&dongle=bzwx&gdpr=0
Request Chain 1035
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=789c64f5-3e31-4100-b68c-6bef558fd551&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 1036
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZPU_MQAAAyPauwA4&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 1037
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=d3abac0a-72dc-4079-b6bf-3a54511c4e93&dongle=31ac&gdpr=0&gdpr_consent=
Request Chain 1038
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=C0079F51A67C45978E5DF77E05DE4DD6&dongle=yf3
Request Chain 1039
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6547&xuid=qa45XtQKCxwmfyBqSHIl&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Request Chain 1040
  • https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_3003c761-4ac9-11ee-ba9f-12fa6b58ae11
Request Chain 1041
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=3SV3kkOj1QCZ9y5&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 1047
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=6816780443 HTTP 302
  • https://sync.1rx.io/usersync3/centro/1508/9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553?zcc=0&sspret=1&rndcb=6816780443 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Request Chain 1049
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=b70f714c-1bc3-4302-a8ca-81ae5d5dae7b
Request Chain 1052
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C0079F51A67C45978E5DF77E05DE4DD6&gdpr=0&gdpr_consent=
Request Chain 1053
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7470802481858437332&uid=Q7470802481858437332&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7470802481858437332
Request Chain 1058
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:546B0175-D6AA-46B9-A0AD-C2A930BF5276 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=31dc30e0-4ac9-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:546B0175-D6AA-46B9-A0AD-C2A930BF5276
Request Chain 1059
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4011881537103642354
Request Chain 1060
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0233db94-73f6-4b7d-96d6-70bb25b59c43&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1063
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWk1VWZGTkkzU2RRYVNQWC1EUy1aU3dpZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3547929380008100760&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 1066
  • https://pixel.onaudience.com/?partner=214&mapped=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e979fbba7253bef3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=84caeabe7dca810754df0c83f721d6ba&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=28f8cc7909dee48f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=NG1tRFl1Mkg5OVlEQjRQQQ%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEK4prbhu-mMwmu2MBk9e2WM&google_cver=1
Request Chain 1069
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=818970230e
Request Chain 1075
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent= HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-Lbur4j1E2uEm00sMIgscSHowiZjLDx1J~A
Request Chain 1077
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Request Chain 1078
  • https://ssc-cms.33across.com/ps/?_=1693793848818.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212259677762089
Request Chain 1080
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc1MDI2NzU4Mi90LzI/url/https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D44%26ts%3D1693793848818.3%26us_privacy%3D%26xu%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=44&ts=1693793848818.3&us_privacy=&xu=7671167391070426394 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=44&external_user_id=7671167391070426394&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1081
  • https://sync.1rx.io/usersync2/33across?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 1083
  • https://pxl.iqm.com/i/ck/ttacross?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D123%26ts%3D1693793848818.6%26us_privacy%3D%26xu%3D%5BPUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=123&ts=1693793848818.6&us_privacy=&xu=4333c3a9-09d8-4906-a740-6f06cc0edf20 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=123&external_user_id=4333c3a9-09d8-4906-a740-6f06cc0edf20&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1084
  • https://cs.mobfox.com/4601c426c7c74dd7172eb80111ccb2bf.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D126%26us_privacy%3D%26xu%3D%5BUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=126&us_privacy=&xu=d0cd7073-0b72-4a83-80f5-0eb2bb391d01 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=126&external_user_id=d0cd7073-0b72-4a83-80f5-0eb2bb391d01&ts=1693793850&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1106
  • https://pixel.adsafeprotected.com/rfw/st/1463401/71225013/skeleton.js?adsafe_url=https%3A%2F%2Fwww.shefinds.com%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:97f159bb-6c63-6eac-bc28-7283e06aac88,c:nawS9v,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-67bdfc9f5d-jl7dq,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:vidqua_4_so_1,mtim:128,mot:0,app:0,maw:0,fm:tOQOol7+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C181131%7C181132%7C181133%7C181134%7C181135%7C181136%7C181137%7C181138%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3%7C1c41%7C1c42%7C1c43%7C1c44%7C1c45%7C1c461%7C1c5%7C1c611%7C1c612%7C1c613%7C1c614%7C1c615%7C1c616%7C1c617%7C1c618%7C1c619%7C1c61a%7C1c61b%7C1c62%7C1c71%7C1c8%7C1c9%7C1ca%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1j11%7C1j12%7C1j131%7C1j14%7C1k1%7C1k2%7C1l%7C1m1%7C1m2%7C1m31%7C1m41%7C1m42%7C1m43%7C1m51%7C1m521%7C1m6111%7C1m612%7C1m613%7C1m62%7C1m63%7C1m64%7C1m65%7C1m66%7C1m7%7C1m8%7C1m9%7C1n%7C1o%7C1p1%7C1q1%7C1q21%7C1q3%7C1q4%7C1q51%7C1q521%7C1q6%7C1r%7C1s1%7C1t*.1463401-71225013%7C1t1%7C1u,idMap:1t*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,tt:rjss,et:184,oid:34a3b61e-4ac9-11ee-aac4-d2f7a0dc89b6,v:19.8.439,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 1111
  • https://ad.doubleclick.net/ddm/trackimp/N1026613.3562758SHEMEDIA/B29841104.366248166;dc_trk_aid=556964966;dc_trk_cid=191251502;ord=624582475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1026613.3562758SHEMEDIA/B29841104.366248166;dc_pre=CJC_0ufxj4EDFeEXiAkdDpMHgg;dc_trk_aid=556964966;dc_trk_cid=191251502;ord=624582475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

1117 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.shefinds.com/
Redirect Chain
  • http://shefinds.com/
  • https://shefinds.com/
  • https://www.shefinds.com/
60 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.28 PleskLin
Resource Hash
8f8c90f6ab1351ea62aa2811d8662e81ad7e018891aa3ce280ea46143490cd98

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=796, public
cf-cache-status
DYNAMIC
cf-ray
8012bc41186367c6-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:18 GMT
expires
Mon, 04 Sep 2023 02:30:32 GMT
last-modified
Mon, 04 Sep 2023 01:30:32 GMT
link
<https://www.shefinds.com/wp-json/>; rel="https://api.w.org/"
pragma
public
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.28 PleskLin

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8012bc409f7a67c6-MIA
content-type
text/html
date
Mon, 04 Sep 2023 02:17:18 GMT
location
https://www.shefinds.com/
server
cloudflare
gardac-sync.js
bc.marfeelcache.com/statics/marfeel/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
via
1.1 fdced9a893123e4285bf6f674dce492c.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
b5549a551086471980864d5be6bf3fe4
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1692691662240
content-disposition
inline;filename=f.txt
x-b3-traceid-primal
a1e2876539d349d99eb8fa4459fa0632
x-mrs-age
2281
content-length
3764
x-mshield-cache-status
HIT
x-served-by
mshield-b-02, haproxy1, cache-yul12834-YUL, cache-mia-kmia1760092-MIA
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1693793839.572551,VS0,VE0
etag
W/"08e1729697a60cc7f930ece0a1a11fb0e"
x-mrf-shard
all
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86401
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
7Qn3r6by1R0kqtk5U8Oz0Z43TKvuw1DkaJlh1hbLqSz1R3j5LAKcrg==
x-cache-hits
4, 4
main.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ 		53 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/main.min.css?ver=1.0.6
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9d484e0bc43c2fe1616f13be7286217a719cc4f38162595166ff05fe55bd08d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Aug 2019 12:44:12 GMT
server
cloudflare
age
2273
etag
W/"5d691a1c-d43e"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc429b4b67c6-MIA
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
57829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Thu, 22 Jun 2023 10:45:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494263c-ccf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAjFmxOPqMyqikhJX0GGKSFs8OGYFByLdClKG3bTOEhCntcwNVdK23H6GZoIqAJnzKHzy6ez2FJzrF2jD1tP1d93%2BoG4CsxxA6BvaBlz2w92Bh2ONmiuKmdW0sO5dxkbKf4hLZOnS3kKxNtsj%2BFilMfS"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8012bc431e888db8-MIA
expires
Sat, 24 Aug 2024 02:17:18 GMT
/
cloud.typenetwork.com/projects/2101/fontface.css/ 		730 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.typenetwork.com/projects/2101/fontface.css/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c73375eb59df657ad502e98ba1d00c19cff4db28839900fc20b2b2d54bc79c5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
date
Mon, 04 Sep 2023 02:17:18 GMT
via
1.1 varnish
x-amz-request-id
tx00000000000002a6e29ce-0064f48a71-76276b52-nyc3c
age
576
x-envoy-upstream-healthchecked-cluster
x-cache
HIT
content-length
730
x-served-by
cache-mia-kmia1760072-MIA
last-modified
Sat, 24 Dec 2022 16:17:08 GMT
x-timer
S1693793839.573764,VS0,VE1
etag
"228cb88d245a31343060024e93e4d9ad"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1693747825.cdn4-pxy056-mia02.mi1.evs,1693747825.cds223.mi1.pr
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
x-cache-hits
1
style.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ 		115 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1c46829c0fdbb5a474b233d1b95b4058205430a12b8b5479ec947ce0aa42f3dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 09:05:45 GMT
server
cloudflare
age
2273
etag
W/"63871ce9-1ca0c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc429b5267c6-MIA
mobile.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/mobile.min.css?ver=1.1.46
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
172e82fb9c69d0838aff5ecc6ccf73b4dd42372045993942b56a6e2885144377

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 May 2018 07:13:47 GMT
server
cloudflare
age
2439
etag
W/"5aec082b-4a96"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc429b5767c6-MIA
home-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.32
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
22798a3b8634170635f6cdaf547679b85ada677ff4f1aca1aca8bb1d0ff780c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
2439
etag
W/"63e1ec80-496c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc429b5a67c6-MIA
single-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/single-new.min.css?ver=1.0.35
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fdbfddeacca164c72809d65be2542f9f24f541d226871af20ae1b11681c1ab49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
2192
etag
W/"63e1ec80-8143"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc429b5d67c6-MIA
sbi-styles.min.css
www.shefinds.com/wp-content/plugins/instagram-feed/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.3.1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Sep 2021 09:13:18 GMT
server
cloudflare
age
1346
etag
W/"6131e72e-41b7"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc429b6167c6-MIA
style.min.css
www.shefinds.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-includes/css/dist/block-library/style.min.css?ver=debd74e6c3054f5f7592e78bb546766f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Aug 2023 15:21:24 GMT
server
cloudflare
age
4969
etag
W/"64e4d274-19824"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc429b6567c6-MIA
ccb-frontend.min.css
www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ccb-frontend.min.css?ver=1.0.7
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f41cb22f351b579a92ce50fa657167533a58bf918469869e71092fdba2ae2b95

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
2439
etag
W/"63e1ec80-42d0"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc429b6a67c6-MIA
home.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ 		2 KB
535 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home.min.css?ver=1.0.8
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0919010befa0b531da092173532edec8241e5facac1fe25ae626fc2bf2bfa372

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Mar 2018 08:01:58 GMT
server
cloudflare
etag
W/"5abc9d76-638"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc429b6e67c6-MIA
home-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.9
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
22798a3b8634170635f6cdaf547679b85ada677ff4f1aca1aca8bb1d0ff780c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
4998
etag
W/"63e1ec80-496c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc429b7167c6-MIA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 09:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Aug 2024 09:09:33 GMT
global_combined.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/global_combined.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
efa4025d1f80af52b3bde5aa3427b3080f231ca54e50315b386833bd58f4d5b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 11:41:53 GMT
server
cloudflare
age
6946
etag
W/"6239b601-7c40"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012bc42cbe567c6-MIA
analyticstrain.min.js
cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-43.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e69bbb9d255e0800f75b87ed45302ff6dce75e08aa1223ec1e59ed6058cc3839

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 ce0d380336eb1f624e574285078b47f6.cloudfront.net (CloudFront)
Date
Mon, 04 Sep 2023 01:52:26 GMT
X-Amz-Cf-Pop
EWR50-C1
Age
1493
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 22 Jul 2020 23:39:36 GMT
Server
AmazonS3
ETag
W/"0e107974c7663dc3d598a29c1079881d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
-cdSCigF1gBhtsVrKvZcySuJbqd4iXH1ITa36Bt9A1W2hoBks_V5_g==
js
www.googletagmanager.com/gtag/ 		236 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SPS2TCRBW2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70548009be0dcf9324b1f1e3b128f50a22f1a27988968e69fcf10e44d0d2a0b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82956
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Sep 2023 02:17:18 GMT
blogherads.js
ads.blogherads.com/static/ 		583 KB
254 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/blogherads.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b52c4e22ceba834273a23ce791d48072acd76f715530c0db5830623eb5d7132b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
92468KGCQMT89QWT
age
1015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
j8p/ki9W2t8xXbkC/TS66BLisIA6fWEpZ4C/+wLF7Lm7SqfXDzoY+Yf2UCoVl7SccfYpg352dTM=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:29 GMT
x-timer
S1693793839.857616,VS0,VE0
etag
W/"5dcb5d63d8589078f11c0428a5a57cd1"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
2
header.js
ads.blogherads.com/bh/41/412/412983/2498530/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/bh/41/412/412983/2498530/header.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8bf555039a25ddd0b8db4e0e409887bbfdd4e3b34aa13421fec724b0b9beb00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
H1HQ96PWM4A8M2CM
age
793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
uBTtw3UX2m6ef53NU2/0lSg6lIQW4K2OsZq6Gch+LCnxFpI8iVIEZ8oRHM+6/m+bZ9UvL7/bptY=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Mon, 04 Sep 2023 02:01:10 GMT
x-timer
S1693793839.857588,VS0,VE1
etag
W/"fc6bd3e221b17a146d498d9bc8bc92f7"
vary
accept-encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
1
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
871
age
8322012
cdn-cachedat
03/12/2022 18:02:15
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d29955e88c31f99d00a69293254d6853
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8012bc431db667b1-MIA
cdn-requestpullsuccess
True
menu-ico-new.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		124 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/menu-ico-new.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ba381e54279a07776f1bf69131b32f3958acdff2e2b37334dced95c4e0dedc50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
age
3163
cf-polished
origFmt=png, origSize=214
x-powered-by
PleskLin
content-disposition
inline; filename="menu-ico-new.webp"
content-length
124
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-d6"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc447f3a67c6-MIA
new-logo-mob.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/new-logo-mob.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
563c2828b96e60d471d369d0f12dabe89e209931b7f1486dec16ab7a19c87930

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
age
3163
cf-polished
origFmt=png, origSize=3557
x-powered-by
PleskLin
content-disposition
inline; filename="new-logo-mob.webp"
content-length
2364
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-de5"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc447f3f67c6-MIA
sub-new-img.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		216 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/sub-new-img.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a9daaba14208d4a11facc1c74d4fac2717864aedd04b68d1f3076ffee8863c41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
age
3163
cf-polished
origFmt=png, origSize=380
x-powered-by
PleskLin
content-disposition
inline; filename="sub-new-img.webp"
content-length
216
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-17c"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc447f4367c6-MIA
woman-taking-a-pill-with-glass-of-water.jpg
www.shefinds.com/files/2023/08/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/08/woman-taking-a-pill-with-glass-of-water.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
86f469e31208c8995270acc9ada2cd30b3e2863639219fa035049473e68c3d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 01 Sep 2023 00:57:47 GMT
server
cloudflare
age
4450
x-powered-by
PleskLin
cf-polished
origSize=119838
vary
Accept-Encoding
etag
"64f1370b-1d41e"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc449f9967c6-MIA
content-length
107235
jar-of-yogurt-topped-with-green-tea-matcha-powder.jpg
www.shefinds.com/files/2023/09/ 		214 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/jar-of-yogurt-topped-with-green-tea-matcha-powder.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4a8cafc6e7996f3238078c513d852564d8e07759ecb594726e9b556e2eaa882d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Tue, 29 Aug 2023 22:47:42 GMT
server
cloudflare
age
1467
x-powered-by
PleskLin
cf-polished
origSize=231066
vary
Accept-Encoding
etag
"64ee758e-3869a"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc449fae67c6-MIA
content-length
219120
young-woman-with-light-makeup-applyin-eye-cream.jpg
www.shefinds.com/files/2023/08/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/08/young-woman-with-light-makeup-applyin-eye-cream.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
38b41faed58291eb888f22d8ce2d1a6b58bd52fe72c13c8ffa444d10a632da3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Thu, 31 Aug 2023 10:35:36 GMT
server
cloudflare
age
1267
x-powered-by
PleskLin
cf-polished
origSize=195717
vary
Accept-Encoding
etag
"64f06cf8-2fc85"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc449faa67c6-MIA
content-length
184534
woman-eating-salmon-sushi-rolls.jpg
www.shefinds.com/files/2023/08/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/08/woman-eating-salmon-sushi-rolls.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
49727c6d1651bc546bce0a8edc49bf60906b7154d1f766657aa6a9fc9f2164c0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 28 Aug 2023 22:22:17 GMT
server
cloudflare
age
1466
x-powered-by
PleskLin
cf-polished
origSize=186058
vary
Accept-Encoding
etag
"64ed1e19-2d6ca"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc449fa867c6-MIA
content-length
170501
gwen-stefani-attends-Glamour-Women-of-the-Year-Awards-2016.jpg
www.shefinds.com/files/2023/09/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/gwen-stefani-attends-Glamour-Women-of-the-Year-Awards-2016.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8afb7b16db12143090af897471534a4798ff7e1977711c8b631eaa9b87197418

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 09:47:18 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=167952
vary
Accept-Encoding
etag
"64f304a6-29010"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc44f86267c6-MIA
content-length
155737
Prince-Harry-attends-Queen-Elizabeths-funeral.jpg
www.shefinds.com/files/2023/09/ 		422 KB
423 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Prince-Harry-attends-Queen-Elizabeths-funeral.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
557c7242da6967c57875ea939198caaa3bc37cfee87a9652ecb57a4152e7654b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 03 Sep 2023 22:58:19 GMT
server
cloudflare
age
1741
x-powered-by
PleskLin
cf-polished
origSize=449245
vary
Accept-Encoding
etag
"64f50f8b-6dadd"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc45189067c6-MIA
content-length
432463
Angelina-Jolie-And-Salma-Hayek.jpg
www.shefinds.com/files/2023/09/ 		291 KB
292 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Angelina-Jolie-And-Salma-Hayek.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2c1640e3e54c335f18e92d56af8ea22052c5d3317670807c87bfd584fdff9808

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 03 Sep 2023 22:25:02 GMT
server
cloudflare
age
5529
x-powered-by
PleskLin
cf-polished
origSize=310386
vary
Accept-Encoding
etag
"64f507be-4bc72"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc45693367c6-MIA
content-length
298252
grocery-stora-aisle-endcaps.jpg
www.shefinds.com/files/2023/09/ 		599 KB
600 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/grocery-stora-aisle-endcaps.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
530fdb04fba9d9ae16315c51c1f87482f690392c5b971b03465f7302bccf51e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 03 Sep 2023 19:32:35 GMT
server
cloudflare
age
5649
x-powered-by
PleskLin
cf-polished
origSize=633231
vary
Accept-Encoding
etag
"64f4df53-9a98f"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc45998967c6-MIA
content-length
613849
Kirkland-organic-apple-sauce.jpg
www.shefinds.com/files/2023/09/ 		248 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Kirkland-organic-apple-sauce.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e2c8dd889642487e976b8f78f3640dbe7ced0ad48112b972c21dd41f3617f09a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 03 Sep 2023 20:56:59 GMT
server
cloudflare
age
3054
x-powered-by
PleskLin
cf-polished
origSize=265598
vary
Accept-Encoding
etag
"64f4f31b-40d7e"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc45998a67c6-MIA
content-length
254319
Meghan-Markle-looks-at-the-floral-tributes-left-at-Windsor-Castle.jpg
www.shefinds.com/files/2023/09/ 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Meghan-Markle-looks-at-the-floral-tributes-left-at-Windsor-Castle.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c32d1929b26bd7d736ea97b24d06b86c96a77a0158160f46bfd2cf95ecaa0c3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 09:38:30 GMT
server
cloudflare
age
5529
x-powered-by
PleskLin
cf-polished
origSize=264161
vary
Accept-Encoding
etag
"64f30296-407e1"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc45998c67c6-MIA
content-length
249924
older-woman-with-wrinkle-cream-on-her-cheek.jpg
www.shefinds.com/files/2022/10/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2022/10/older-woman-with-wrinkle-cream-on-her-cheek.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
362afdb7f49f842619ac1de7bb636ea64897c88c304fa81931b6f40e4b963494

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Thu, 20 Oct 2022 11:00:24 GMT
server
cloudflare
age
1458
x-powered-by
PleskLin
cf-polished
origSize=195719
vary
Accept-Encoding
etag
"63512a48-2fc87"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc45a9a567c6-MIA
content-length
181366
Kris-Jenner-27th-Annual-ACE-Awards-2023.jpg
www.shefinds.com/files/2023/09/ 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Kris-Jenner-27th-Annual-ACE-Awards-2023.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
041639ca2ca4c1ac138d86d2beeed135b2bc0e0024240c313dfa17cebaf3815c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 03 Sep 2023 23:15:30 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=240289
vary
Accept-Encoding
etag
"64f51392-3aaa1"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc45a9aa67c6-MIA
content-length
227224
Kate-Middleton-and-Prince-Harry-watch-sail-boat-race.jpg
www.shefinds.com/files/2023/09/ 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Kate-Middleton-and-Prince-Harry-watch-sail-boat-race.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8b4d701920988ac424209a3d0a821ff0064b11d2119843eb4ec8d6ff6cde6096

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 08:44:53 GMT
server
cloudflare
age
2742
x-powered-by
PleskLin
cf-polished
origSize=184200
vary
Accept-Encoding
etag
"64f2f605-2cf88"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc45b9cc67c6-MIA
content-length
171535
Ivanka-Trump-Donald-Trump-Tiffany-Trump.jpg
www.shefinds.com/files/2023/09/ 		271 KB
272 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Ivanka-Trump-Donald-Trump-Tiffany-Trump.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6272c92a7b737f583b957b66da0613f8d5a32b9a11c8e267f66b0d668b9174df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 09:28:15 GMT
server
cloudflare
age
2742
x-powered-by
PleskLin
cf-polished
origSize=292114
vary
Accept-Encoding
etag
"64f3002f-47512"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc460a5767c6-MIA
content-length
277783
lightbox_inline.js
www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox_inline.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bea9774a7c2714797d8f83a8f4381ec099fc8a09464aa91c7568507c0d15e65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Mon, 14 Mar 2022 22:03:24 GMT
content-md5
wPc9Z2CqzUpAOBQXevQ37w==
server
cloudflare
cf-polished
origSize=2379
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
43d1d08b-a01e-0004-6cc3-6dedb2000000
x-ms-version
2009-09-19
cf-ray
8012bc443b4e3dd7-MIA
basket.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ 		188 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/basket.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
96ef0a27fb2a76f331f10aee91d770a435b441bf158aa4f97d37e5dfc8c684ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Aug 2019 12:44:12 GMT
server
cloudflare
age
2439
etag
W/"5d691a1c-bc"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012bc442ead67c6-MIA
home.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/home.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7f99ccc181f7410ffa22bd5032bc00dc72fd7baa90ed8bea13dda0fef07f39d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jul 2018 14:05:26 GMT
server
cloudflare
etag
W/"5b55e0a6-138e"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012bc446f2867c6-MIA
p.js
cdn.parsely.com/keys/shefinds.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
public
date
Sun, 03 Sep 2023 10:43:40 GMT
content-encoding
gzip
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
56022
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
TXXSNqDkk61hwG9oB6koXTfQl3oXfO5fgsn769vaabFge04FBNqN2A==
expires
Mon, 04 Sep 2023 10:43:36 GMT
onejs
z-na.amazon-adsystem.com/widgets/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.161.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-161-188.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
c9066107ae3bca7d986d94311fc534c472a7aae6f7f53eeff674454fac46a958

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
Public
date
Mon, 04 Sep 2023 02:14:11 GMT
content-encoding
gzip
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
age
187
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7388
x-amz-cf-id
8xfwh2GgvjriR2Nu4t8TURtTZLY8UxjlAYGDQqt_wV001g4nljXRQQ==
expires
Mon, 04 Sep 2023 02:19:11 GMT
shefinds-shefinds.js
widget.sellwild.com/shefinds/ 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.sellwild.com/shefinds/shefinds-shefinds.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01dfcfe991ac2e4dffd53173f4668c3fb3df791900c35c633c06ed1f73f1ce44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 22:09:05 GMT
content-encoding
gzip
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Mar 2023 06:21:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
14894
etag
W/"9a3ac0f83e15e5f11c7e9ee7cfba83a6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1209600,public
x-amz-cf-id
1g_ICnTqYBIF50bgwKXI9AlAtT8fXtjxdMxl87SQ0KxAj9AkPw2Fjg==
main.d.js
bc.marfeelcache.com/www.shefinds.com/ 		13 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.marfeelcache.com/www.shefinds.com/main.d.js
Requested by
Host: bc.marfeelcache.com
URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
via
1.1 0cf68108b8820db4a096a661da0108ba.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
9d9d7f1d0b4846e0961b2b56a2e324ee
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1692775350867
x-mrs-age
4
x-b3-traceid-primal
8de5c08e3cbc47ffa5e4a40f89594c18
content-length
13
x-mshield-cache-status
HIT
x-served-by
mshield-b-01, haproxy1, cache-yul12833-YUL, cache-mia-kmia1760092-MIA
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1693793839.794207,VS0,VE2
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
0
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
Q6wSOH9_i9C9UnOUGkU_N7h7IQo8KFedLmKDyo6RolmdhC5Xouthxg==
x-cache-hits
335, 1
resolve
people.api.boomtrain.com/identify/ 		81 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.159.80 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-159-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
resolve
people.api.boomtrain.com/identify/ 		81 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.159.80 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-159-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f66993c077f1c11da8528e4cfcc3457376059c789260fa56b5e7d101652f87ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Sep 2023 02:17:18 GMT
content-md5
802L3GFhkBaPjc6jJDhCFg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
aTcfM7m880Pm4eObc2WpFBkP68Vz6+iOhTe6RWG5+DKSNQ8rJ6ZnB5d3Fl0W7p1I1A9OiJJw3MknxTrlcnlSCQ==
x-fb-content-md5
82d9ef616fdccb709a74c88d05a128a7
cross-origin-opener-policy
same-origin-allow-popups
etag
"b2e44014d2988b956b4afe87506f098a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:23:35 GMT
fbevents.js
connect.facebook.net/en_US/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 04 Sep 2023 02:17:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
MBkcaOT2Lqm1IjKFdjZhr8M+5JcJdAkaOFXlvNKLdzeZcVPra0bM/DWQEgsq7bYTXNF0mrll8DV+zcE/RydsOg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
shefindsmedia-lifestyle_tag.js
d3ezl4ajpp2zy8.cloudfront.net/ 		0
0
shefinds.js
static.bam-x.com/tags/ 		152 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bam-x.com/tags/shefinds.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-73.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4dd9dbc6099790b3a3807c15f4ef9b8e71cab2a4a646e256b47248a8c430d09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 01:57:09 GMT
Content-Encoding
gzip
Via
1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
Last-Modified
Thu, 01 Sep 2022 16:42:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P6
Age
1210
ETag
W/"eb4fce974f8ba34fb9a68d7736fa02d6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
HZncVCXq34lg4tgoqwplyvN89PpoV7gMrsta0cGMDWz3DOJtXsBr0w==
hotjar-368258.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-368258.js?sv=5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-124.jfk50.r.cloudfront.net
Software
/
Resource Hash
79bdbc5eec1a17fcf72f932f52818982c559bc1387a5dfbf7d714b5d6f5ebe62
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 04 Sep 2023 02:16:49 GMT
via
1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
40
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/45475b8b07c325eab6454e5142fc831f
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
ROqkxT-DkTcrDpF_uxCzBDhoITRCzIe8JFg4EEMvzpmuoWVBMg-khQ==
116504.ct.js
intljs.rmtag.com/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intljs.rmtag.com/116504.ct.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
edec3ea3c17d9fb266993c5c5088d3c4b1a13a7d54d745b4b36d8134cf6697f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 04 Sep 2023 02:17:19 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
analytics-1.5.12.min.js
cdn.keywee.co/dist/
Redirect Chain
  • https://cdn.keywee.co/dist/analytics.min.js
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
2600:9000:2209:7200:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:22:21 GMT
content-encoding
gzip
via
1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
last-modified
Mon, 28 Dec 2020 09:55:56 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
254413
etag
W/"13a05c433850fad0455e2ee1a1707eb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=259200,public
x-amz-cf-id
rPaHqZ8jYnzXVQ_2wkPle1oEIFusDPmkiDQxg7tzgeQ8af-mXKuiKw==

Redirect headers

date
Mon, 04 Sep 2023 02:16:01 GMT
via
1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
79
x-cache
Hit from cloudfront
location
/dist/analytics-1.5.12.min.js
content-length
0
x-amz-cf-id
R4nDCNedxtderDRL3BSOd1OVP2mIT-oPzw3YakxDIpm9AAYnzqpOsA==
/
www.shefinds.com/iframe-modal/ Frame B3CF 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/iframe-modal/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.28 PleskLin
Resource Hash
3bfc733aad4edd0f1eab235dac99bf8d8b4edb54465d830ae8f94b0b4c0e6569

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=799, public
cf-cache-status
DYNAMIC
cf-ray
8012bc447f2f67c6-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:18 GMT
expires
Mon, 04 Sep 2023 02:30:36 GMT
last-modified
Mon, 04 Sep 2023 01:30:36 GMT
link
<https://www.shefinds.com/wp-json/>; rel="https://api.w.org/" <https://www.shefinds.com/wp-json/wp/v2/pages/710110>; rel="alternate"; type="application/json" <https://www.shefinds.com/?p=710110>; rel=shortlink
pragma
public
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.28 PleskLin
/
www.shefinds.com/iframe-modal-homepage/ Frame 9C3D 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/iframe-modal-homepage/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.28 PleskLin
Resource Hash
a2e772df48664b17e0007d15a00b973f070c0106769fc4aa30b78f89d3455fd5

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=1211, public
cf-cache-status
DYNAMIC
cf-ray
8012bc447f3267c6-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:18 GMT
expires
Mon, 04 Sep 2023 02:37:28 GMT
last-modified
Mon, 04 Sep 2023 01:37:28 GMT
link
<https://www.shefinds.com/wp-json/>; rel="https://api.w.org/" <https://www.shefinds.com/wp-json/wp/v2/pages/710112>; rel="alternate"; type="application/json" <https://www.shefinds.com/?p=710112>; rel=shortlink
pragma
public
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.28 PleskLin
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 11 Sep 2023 02:17:19 GMT
shefinds_blackhorizontal.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/shefinds_blackhorizontal.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
42d3eb7d373afb36dd72a7e4aefba98de82fc8706fccc34f42810c2c0760ea2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
age
3602
cf-polished
origFmt=png, origSize=34331
x-powered-by
PleskLin
content-disposition
inline; filename="shefinds_blackhorizontal.webp"
content-length
9764
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-861b"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc449f9e67c6-MIA
new-search.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		270 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/new-search.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a5dabed54019cdc6c9853772ab679ba81d4e1d4e560d7dbe585d0cb5d77b2548

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
age
3613
cf-polished
origFmt=png, origSize=442
x-powered-by
PleskLin
content-disposition
inline; filename="new-search.webp"
content-length
270
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-1ba"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc449fa267c6-MIA
blank.gif
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		43 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/blank.gif
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
age
3613
x-powered-by
PleskLin
cf-polished
origSize=49, status=webp_bigger
vary
Accept-Encoding
etag
"5a6e6d28-31"
content-type
image/gif
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc449fa567c6-MIA
content-length
43
socail-sprite-2.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/socail-sprite-2.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6dacad7a02574323e64231bdb477b99dbac3bfafe28be370fb3d2e9fb2650b9c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
age
3614
cf-polished
origFmt=png, origSize=7177
x-powered-by
PleskLin
content-disposition
inline; filename="socail-sprite-2.webp"
content-length
4754
cf-bgj
imgq:100,h2pri
last-modified
Wed, 06 May 2020 07:07:53 GMT
server
cloudflare
etag
"5eb26249-1c09"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc462a8667c6-MIA
footer-btn-img.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		258 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/footer-btn-img.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
037873e3bde7304011cab230abd95899bc51a3936e70d756bcd8bc8dfa72268d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
age
6913
cf-polished
origFmt=png, origSize=713
x-powered-by
PleskLin
content-disposition
inline; filename="footer-btn-img.webp"
content-length
258
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-2c9"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc463ab167c6-MIA
HelveticaNeue-Medium.woff2
www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_medium/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_medium/HelveticaNeue-Medium.woff2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
343a6c2bc4231fcde5a83ef906379d2317391d648ac2c9cfe441bc8bfc7c9bed

Request headers

Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
age
3598
etag
"5a6e6d28-50b0"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc447f3467c6-MIA
content-length
20656
HelveticaNeue.woff2
www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_neue/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_neue/HelveticaNeue.woff2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
696b7b641d993b2664d20d1fc0a7d81e1dfe55db60535b8b946159e3e7aadb28

Request headers

Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
age
3598
etag
"5a6e6d28-47e8"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc447f3667c6-MIA
content-length
18408
c4d_vdef_emp_28e5.woff2
fastly-cloud.typenetwork.com/projects/2101/ 		69 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fastly-cloud.typenetwork.com/projects/2101/c4d_vdef_emp_28e5.woff2?ddc0ee1b29f22d0bf691ca97fc73962a4cad3c8e
Requested by
Host: cloud.typenetwork.com
URL: https://cloud.typenetwork.com/projects/2101/fontface.css/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ecdfa400855d3a2942065b7b7036b020e66d61547a26465637598a2078d46612
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://cloud.typenetwork.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
date
Mon, 04 Sep 2023 02:17:18 GMT
via
1.1 varnish
x-amz-request-id
tx00000000000002492367f-0064f23914-7612cb7b-nyc3c
age
24
x-cache
HIT
x-amz-meta-surrogate-control
max-age=604800
content-length
70756
x-served-by
cache-mia-kmia1760085-MIA
last-modified
Thu, 06 Apr 2023 15:46:23 GMT
x-timer
S1693793839.853029,VS0,VE2
x-amz-meta-tn-allowed-domains
http://shefinds.ctpusdev.com
etag
"fea67774edcbfec9e421db7375ae16ab"
x-amz-meta-surrogate-keys
style-3149 family-371 project-2101 projectlicense-10469
access-control-allow-methods
GET
content-type
font/woff2
access-control-max-age
0
x-hw
1693595924.cdn4-pxy057-mia02.mi1.evs,1693595924.cds062.mi1.pr
cache-control
max-age=600
x-rgw-object-type
Normal
x-amz-meta-tn-plw-id
10469
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache-hits
1
lightbox.js
www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/ Frame FDDE 		510 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox.js?mb=1693793838896&lv=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a2a266e9cfe3f048c6f45f4a90e799657c2f814e34de1e898d3b689f7f68e02b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 04 Sep 2023 02:02:32 GMT
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8012bc456da43dd7-MIA
gardac-sync.js
bc.marfeelcache.com/statics/marfeel/ Frame 9C3D 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
via
1.1 fdced9a893123e4285bf6f674dce492c.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
770a9d348fd54e748c809b4a73397dbc
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1692691662240
content-disposition
inline;filename=f.txt
x-b3-traceid-primal
a1e2876539d349d99eb8fa4459fa0632
x-mrs-age
2281
content-length
3764
x-mshield-cache-status
HIT
x-served-by
mshield-b-02, haproxy1, cache-yul12834-YUL, cache-mia-kmia1760092-MIA
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1693793839.974771,VS0,VE0
etag
W/"08e1729697a60cc7f930ece0a1a11fb0e"
x-mrf-shard
all
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86401
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
7Qn3r6by1R0kqtk5U8Oz0Z43TKvuw1DkaJlh1hbLqSz1R3j5LAKcrg==
x-cache-hits
4, 5
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame 9C3D 		52 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
57829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Thu, 22 Jun 2023 10:45:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494263c-ccf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aC7hqSUkbKAOn63Ba8ymzG%2BoWTYLiZ4TvqkRpWstanxp3idclAJXIua2ZKyThe0Yzahu5InBh4hOGU517tmVSnT9Tn78TxuFWAyDXrQunap%2F4vY232wg2gYhjplFu6KVIaK0Cp3XTA8GR2t8H9FxXNd5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8012bc459a4d8db8-MIA
expires
Sat, 24 Aug 2024 02:17:18 GMT
/
cloud.typenetwork.com/projects/2101/fontface.css/ Frame 9C3D 		730 B
800 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.typenetwork.com/projects/2101/fontface.css/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c73375eb59df657ad502e98ba1d00c19cff4db28839900fc20b2b2d54bc79c5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
date
Mon, 04 Sep 2023 02:17:18 GMT
via
1.1 varnish
x-amz-request-id
tx00000000000002a6e29ce-0064f48a71-76276b52-nyc3c
age
576
x-envoy-upstream-healthchecked-cluster
x-cache
HIT
content-length
730
x-served-by
cache-mia-kmia1760072-MIA
last-modified
Sat, 24 Dec 2022 16:17:08 GMT
x-timer
S1693793839.972875,VS0,VE0
etag
"228cb88d245a31343060024e93e4d9ad"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1693747825.cdn4-pxy056-mia02.mi1.evs,1693747825.cds223.mi1.pr
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
x-cache-hits
2
style.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ Frame 9C3D 		115 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1c46829c0fdbb5a474b233d1b95b4058205430a12b8b5479ec947ce0aa42f3dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 09:05:45 GMT
server
cloudflare
age
2273
etag
W/"63871ce9-1ca0c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45996b67c6-MIA
mobile.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ Frame 9C3D 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/mobile.min.css?ver=1.1.46
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
172e82fb9c69d0838aff5ecc6ccf73b4dd42372045993942b56a6e2885144377

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 May 2018 07:13:47 GMT
server
cloudflare
age
2439
etag
W/"5aec082b-4a96"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45996c67c6-MIA
home-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 9C3D 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.32
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
22798a3b8634170635f6cdaf547679b85ada677ff4f1aca1aca8bb1d0ff780c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
2439
etag
W/"63e1ec80-496c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45996d67c6-MIA
single-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 9C3D 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/single-new.min.css?ver=1.0.35
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fdbfddeacca164c72809d65be2542f9f24f541d226871af20ae1b11681c1ab49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
2192
etag
W/"63e1ec80-8143"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45996e67c6-MIA
sbi-styles.min.css
www.shefinds.com/wp-content/plugins/instagram-feed/css/ Frame 9C3D 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.3.1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Sep 2021 09:13:18 GMT
server
cloudflare
age
1346
etag
W/"6131e72e-41b7"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45997067c6-MIA
style.min.css
www.shefinds.com/wp-includes/css/dist/block-library/ Frame 9C3D 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-includes/css/dist/block-library/style.min.css?ver=debd74e6c3054f5f7592e78bb546766f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Aug 2023 15:21:24 GMT
server
cloudflare
age
4969
etag
W/"64e4d274-19824"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45997167c6-MIA
ccb-frontend.min.css
www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ Frame 9C3D 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ccb-frontend.min.css?ver=1.0.7
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f41cb22f351b579a92ce50fa657167533a58bf918469869e71092fdba2ae2b95

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
2439
etag
W/"63e1ec80-42d0"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45997267c6-MIA
page.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 9C3D 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/page.min.css?ver=debd74e6c3054f5f7592e78bb546766f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0d91e8b78f9d50f6dca25fdc4ef9d7cb2a5e0c102ad56ede94e74294de384682

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Feb 2019 07:25:45 GMT
server
cloudflare
age
6781
etag
W/"5c6274f9-14fc"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45997467c6-MIA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 9C3D 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 09:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Aug 2024 09:09:33 GMT
global_combined.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame 9C3D 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/global_combined.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
efa4025d1f80af52b3bde5aa3427b3080f231ca54e50315b386833bd58f4d5b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 11:41:53 GMT
server
cloudflare
age
6946
etag
W/"6239b601-7c40"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012bc45997867c6-MIA
analyticstrain.min.js
cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/ Frame 9C3D 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-43.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e69bbb9d255e0800f75b87ed45302ff6dce75e08aa1223ec1e59ed6058cc3839

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 ce0d380336eb1f624e574285078b47f6.cloudfront.net (CloudFront)
Date
Mon, 04 Sep 2023 01:52:26 GMT
X-Amz-Cf-Pop
EWR50-C1
Age
1493
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 22 Jul 2020 23:39:36 GMT
Server
AmazonS3
ETag
W/"0e107974c7663dc3d598a29c1079881d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
BCknH2D0UDHazxb6obSjzF9YMdFeex8RvccfGhcQoYg8nE90lytLpQ==
main.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 9C3D 		53 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/main.min.css?ver=1.0.1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9d484e0bc43c2fe1616f13be7286217a719cc4f38162595166ff05fe55bd08d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Aug 2019 12:44:12 GMT
server
cloudflare
age
6939
etag
W/"5d691a1c-d43e"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45997667c6-MIA
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 9C3D 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
871
age
8322012
cdn-cachedat
03/12/2022 18:02:15
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d29955e88c31f99d00a69293254d6853
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8012bc45997d67b1-MIA
cdn-requestpullsuccess
True
new-subscribe-img-mid.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ Frame 9C3D 		686 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/new-subscribe-img-mid.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
330e25c0558ee1f21b86897d71f3f38a45eb47cc3ca3e71e4117f55367cdde5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
cf-polished
origFmt=png, origSize=1202
etag
"5a6e6d28-4b2"
vary
Accept
x-powered-by
PleskLin
content-type
image/webp
cache-control
max-age=5356800
content-disposition
inline; filename="new-subscribe-img-mid.webp"
accept-ranges
bytes
cf-ray
8012bc47fd9e67c6-MIA
content-length
686
page.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame 9C3D 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/page.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0912420957e1349dea4b9d6467adc71c30de0c1f9b2e09d84003b3eae03971f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 May 2018 12:37:25 GMT
server
cloudflare
age
6918
etag
W/"5af58e85-1285"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012bc46bb8e67c6-MIA
lightbox.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame 9C3D 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/lightbox.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a2dd9aedcd7ec64cdbeea19974bc3740698aeaae2d0652ea72ac0cfd190cb8d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal-homepage/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jul 2018 14:05:26 GMT
server
cloudflare
age
2273
etag
W/"5b55e0a6-13aa"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012bc46bb9367c6-MIA
p.js
cdn.parsely.com/keys/shefinds.com/ Frame 9C3D 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
public
date
Sun, 03 Sep 2023 10:43:40 GMT
content-encoding
gzip
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
56023
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
6D1ywKn3p5xGQny4dtc1lZF3PCH6s7KzuN29EG7-Egw-60aCqX8zAA==
expires
Mon, 04 Sep 2023 10:43:36 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame 9C3D 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.161.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-161-188.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
c9066107ae3bca7d986d94311fc534c472a7aae6f7f53eeff674454fac46a958

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
Public
date
Mon, 04 Sep 2023 02:14:11 GMT
content-encoding
gzip
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
age
188
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7388
x-amz-cf-id
evcN7NOlC1iojkhiGjXcDO9o2-squ_TfnZwHBQFO-SeZAKiIja2ikQ==
expires
Mon, 04 Sep 2023 02:19:11 GMT
gardac-sync.js
bc.marfeelcache.com/statics/marfeel/ Frame B3CF 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
via
1.1 fdced9a893123e4285bf6f674dce492c.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
b513fa1103a245ffa5243c427d187c99
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1692691662240
content-disposition
inline;filename=f.txt
x-b3-traceid-primal
a1e2876539d349d99eb8fa4459fa0632
x-mrs-age
2281
content-length
3764
x-mshield-cache-status
HIT
x-served-by
mshield-b-02, haproxy1, cache-yul12834-YUL, cache-mia-kmia1760092-MIA
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1693793839.978149,VS0,VE0
etag
W/"08e1729697a60cc7f930ece0a1a11fb0e"
x-mrf-shard
all
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86401
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
7Qn3r6by1R0kqtk5U8Oz0Z43TKvuw1DkaJlh1hbLqSz1R3j5LAKcrg==
x-cache-hits
4, 6
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame B3CF 		52 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
57829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Thu, 22 Jun 2023 10:45:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494263c-ccf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8UyW3g7dy6z0wVu4BSRDFSmk3gtUzGk%2BLJ3kgqCuqDpZCSnAd6WV9Uw71Y4rQSVHgWdO3LQdIPq94n7%2BPQQkZ75AzKwkZDkNHst8RIoK6gxbcngHWeu20Bo%2BFTNFt4v%2Fogz3pT0EcsNPO4%2Bdwv0%2BqH5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8012bc459a5a8db8-MIA
expires
Sat, 24 Aug 2024 02:17:18 GMT
/
cloud.typenetwork.com/projects/2101/fontface.css/ Frame B3CF 		730 B
799 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.typenetwork.com/projects/2101/fontface.css/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c73375eb59df657ad502e98ba1d00c19cff4db28839900fc20b2b2d54bc79c5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
date
Mon, 04 Sep 2023 02:17:18 GMT
via
1.1 varnish
x-amz-request-id
tx00000000000002a6e29ce-0064f48a71-76276b52-nyc3c
age
576
x-envoy-upstream-healthchecked-cluster
x-cache
HIT
content-length
730
x-served-by
cache-mia-kmia1760072-MIA
last-modified
Sat, 24 Dec 2022 16:17:08 GMT
x-timer
S1693793839.976400,VS0,VE0
etag
"228cb88d245a31343060024e93e4d9ad"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1693747825.cdn4-pxy056-mia02.mi1.evs,1693747825.cds223.mi1.pr
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
x-cache-hits
3
style.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ Frame B3CF 		115 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1c46829c0fdbb5a474b233d1b95b4058205430a12b8b5479ec947ce0aa42f3dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 09:05:45 GMT
server
cloudflare
age
2273
etag
W/"63871ce9-1ca0c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45997b67c6-MIA
mobile.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ Frame B3CF 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/mobile.min.css?ver=1.1.46
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
172e82fb9c69d0838aff5ecc6ccf73b4dd42372045993942b56a6e2885144377

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 May 2018 07:13:47 GMT
server
cloudflare
age
2439
etag
W/"5aec082b-4a96"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45997c67c6-MIA
home-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame B3CF 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.32
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
22798a3b8634170635f6cdaf547679b85ada677ff4f1aca1aca8bb1d0ff780c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
2439
etag
W/"63e1ec80-496c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45997d67c6-MIA
single-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame B3CF 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/single-new.min.css?ver=1.0.35
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fdbfddeacca164c72809d65be2542f9f24f541d226871af20ae1b11681c1ab49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
2192
etag
W/"63e1ec80-8143"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45997f67c6-MIA
sbi-styles.min.css
www.shefinds.com/wp-content/plugins/instagram-feed/css/ Frame B3CF 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.3.1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Sep 2021 09:13:18 GMT
server
cloudflare
age
1346
etag
W/"6131e72e-41b7"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45998067c6-MIA
style.min.css
www.shefinds.com/wp-includes/css/dist/block-library/ Frame B3CF 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-includes/css/dist/block-library/style.min.css?ver=debd74e6c3054f5f7592e78bb546766f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Aug 2023 15:21:24 GMT
server
cloudflare
age
4969
etag
W/"64e4d274-19824"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45998267c6-MIA
ccb-frontend.min.css
www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ Frame B3CF 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ccb-frontend.min.css?ver=1.0.7
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f41cb22f351b579a92ce50fa657167533a58bf918469869e71092fdba2ae2b95

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
2439
etag
W/"63e1ec80-42d0"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45998367c6-MIA
page.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame B3CF 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/page.min.css?ver=debd74e6c3054f5f7592e78bb546766f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0d91e8b78f9d50f6dca25fdc4ef9d7cb2a5e0c102ad56ede94e74294de384682

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Feb 2019 07:25:45 GMT
server
cloudflare
age
6781
etag
W/"5c6274f9-14fc"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45998467c6-MIA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame B3CF 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 09:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Aug 2024 09:09:33 GMT
global_combined.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame B3CF 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/global_combined.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
efa4025d1f80af52b3bde5aa3427b3080f231ca54e50315b386833bd58f4d5b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 11:41:53 GMT
server
cloudflare
age
6946
etag
W/"6239b601-7c40"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012bc45998767c6-MIA
analyticstrain.min.js
cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/ Frame B3CF 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-43.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e69bbb9d255e0800f75b87ed45302ff6dce75e08aa1223ec1e59ed6058cc3839

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 ce0d380336eb1f624e574285078b47f6.cloudfront.net (CloudFront)
Date
Mon, 04 Sep 2023 01:52:26 GMT
X-Amz-Cf-Pop
EWR50-C1
Age
1494
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 22 Jul 2020 23:39:36 GMT
Server
AmazonS3
ETag
W/"0e107974c7663dc3d598a29c1079881d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
rlIhhtEYryiln5Q8ep-Du4oEYQRg7MzmowHKbE0boKZxIGFA38hjjw==
main.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame B3CF 		53 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/main.min.css?ver=1.0.1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9d484e0bc43c2fe1616f13be7286217a719cc4f38162595166ff05fe55bd08d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Aug 2019 12:44:12 GMT
server
cloudflare
age
6939
etag
W/"5d691a1c-d43e"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012bc45998567c6-MIA
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame B3CF 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
871
age
8322012
cdn-cachedat
03/12/2022 18:02:15
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d29955e88c31f99d00a69293254d6853
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8012bc45997e67b1-MIA
cdn-requestpullsuccess
True
mail-ic-modal.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ Frame B3CF 		426 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/mail-ic-modal.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2e7df51881edd22359b6e09b60d052c2216ce4e44b62889b49eff28f84004176

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
age
6940
cf-polished
origFmt=png, origSize=1067
x-powered-by
PleskLin
content-disposition
inline; filename="mail-ic-modal.webp"
content-length
426
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-42b"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc47fdb067c6-MIA
page.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame B3CF 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/page.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0912420957e1349dea4b9d6467adc71c30de0c1f9b2e09d84003b3eae03971f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 May 2018 12:37:25 GMT
server
cloudflare
age
6918
etag
W/"5af58e85-1285"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012bc46dbc567c6-MIA
lightbox.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame B3CF 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/lightbox.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a2dd9aedcd7ec64cdbeea19974bc3740698aeaae2d0652ea72ac0cfd190cb8d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jul 2018 14:05:26 GMT
server
cloudflare
age
2273
etag
W/"5b55e0a6-13aa"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012bc47fda267c6-MIA
p.js
cdn.parsely.com/keys/shefinds.com/ Frame B3CF 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
public
date
Sun, 03 Sep 2023 10:43:40 GMT
content-encoding
gzip
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
56023
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
VMYKzK8p4zPCnz4NJuj-Dc6M-R3bXMhENk197VyEh4O6ypD1gTyNYA==
expires
Mon, 04 Sep 2023 10:43:36 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame B3CF 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.161.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-161-188.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
c9066107ae3bca7d986d94311fc534c472a7aae6f7f53eeff674454fac46a958

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
Public
date
Mon, 04 Sep 2023 02:14:11 GMT
content-encoding
gzip
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
age
188
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7388
x-amz-cf-id
hjqQA26TgFsJpzROBhEHKLpSu7FH9uSQEOC7MXfSUg_in027WXkmXQ==
expires
Mon, 04 Sep 2023 02:19:11 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.131.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-131-14.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 23:59:55 GMT
Via
1.1 ad2d59fb6f7c4118dea14b5b7a9a1658.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P7
Age
8244
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
as04ow0Jy_CSD-eO13p-UA4gftQYkPEouVHAc0uTi8Oj33hOp5-urw==
Expires
Mon, 04 Sep 2023 23:59:55 GMT
active_selectors
onsite.boomtrain.net/ 		0
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onsite.boomtrain.net/active_selectors?site_id=339c4cee6051c3aea99d9d91e3b71ab2&bt_onsite_test=false&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.15.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-15-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
1378a580-1d5b-4376-97c8-63d8549ade8b
X-Runtime
0.003007
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Request-Methods
POST, GET, OPTIONS
Access-Control-Allow-Headers
origin, x-requested-with, content-type, accept, authorization, x-prototype-version
/
srv-2023-09-04-02.pixel.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2023-09-04-02.pixel.parsely.com/plogger/?rand=1693793839037&plid=16527806&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2F&sref=&sts=1693793839031&slts=0&title=Women%E2%80%99s+Fashion%2C+Beauty+%26+Lifestyle+%E2%80%93+SHEfinds&date=Sun+Sep+03+2023+16%3A17%3A19+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=90290389&u=pid%3D239153f5d357777b9edc030cbb4bfaaf
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.25.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-25-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Cache-Control
no-cache
Last-Modified
Monday, 04-Sep-2023 02:17:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
35.ffa44917a77d7f8b045a.js
ads.blogherads.com/static/chunks/ 		1 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/35.ffa44917a77d7f8b045a.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80285dfd3fe73b3736d5c9f1565b45e47543dddddce2d54c47093db9dbae0a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26ASC13V739QXNC3
age
1016
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
F0Wppb1l28d6EBkrpkpGjqzRDHDhYeTknm2FuZ6XfN7/76PRcmSqbHe8t+jeRSEOu24MPqicXmg=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793839.060355,VS0,VE0
etag
W/"9a805af25f2863ad614644ba47504a2b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
91
optoutstatus.html
ads.shemedia.com/static/ Frame 4997 		748 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.shemedia.com/static/optoutstatus.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1016
cache-control
max-age=14400, stale-while-revalidate=3600
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 02:17:19 GMT
etag
W/"d3adb9510fa96393f723a02c4cb16432"
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
vary
accept-encoding
via
1.1 varnish
x-amz-id-2
mbYDVR5J3Mg4JZ2ORVj00FtGdAhbNEo1efuqk46Nv0BRINPXQQC8/WmTUO1HIrZwO4+uUXqsw1k=
x-amz-request-id
924FXCPFQ92D9CXG
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
120
x-served-by
cache-mia-kmia1760037-MIA
x-timer
S1693793839.162633,VS0,VE0
main.d.js
bc.marfeelcache.com/www.shefinds.com/ Frame 9C3D 		13 B
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.marfeelcache.com/www.shefinds.com/main.d.js
Requested by
Host: bc.marfeelcache.com
URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 0cf68108b8820db4a096a661da0108ba.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
95b6e33161744035b9329463dfb47373
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1692775350867
x-mrs-age
4
x-b3-traceid-primal
8de5c08e3cbc47ffa5e4a40f89594c18
content-length
13
x-mshield-cache-status
HIT
x-served-by
mshield-b-01, haproxy1, cache-yul12833-YUL, cache-mia-kmia1760092-MIA
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1693793839.354508,VS0,VE0
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
0
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
Q6wSOH9_i9C9UnOUGkU_N7h7IQo8KFedLmKDyo6RolmdhC5Xouthxg==
x-cache-hits
335, 2
main.d.js
bc.marfeelcache.com/www.shefinds.com/ Frame B3CF 		13 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.marfeelcache.com/www.shefinds.com/main.d.js
Requested by
Host: bc.marfeelcache.com
URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 0cf68108b8820db4a096a661da0108ba.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
d0635bc20f87420b913ec0a3b23bca66
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1692775350867
x-mrs-age
4
x-b3-traceid-primal
8de5c08e3cbc47ffa5e4a40f89594c18
content-length
13
x-mshield-cache-status
HIT
x-served-by
mshield-b-01, haproxy1, cache-yul12833-YUL, cache-mia-kmia1760092-MIA
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1693793839.354761,VS0,VE0
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
0
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
Q6wSOH9_i9C9UnOUGkU_N7h7IQo8KFedLmKDyo6RolmdhC5Xouthxg==
x-cache-hits
335, 3
sdk.js
connect.facebook.net/en_US/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ffcd0a67f0f556282c3379bdeca44174
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d15403cb1add839b53b85cac2f696f3f2f4c5e71716fa1ac3fd4c7c8f19dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.shefinds.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Sep 2023 02:17:19 GMT
content-md5
jcQX1h38AWNcbz3UgswOUg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88938
x-fb-debug
Bvvww07FAvU8SRSOI1y+cYCsPzKH8IthXVZ/4RmJJXBaoHRXU+SobnaMr0lqyOc45qIOa+NxqpYDYlS93WrFWg==
x-fb-content-md5
dabb0f102742dc3b8b5219cccb2ac0f2
cross-origin-opener-policy
same-origin-allow-popups
etag
"1b69dbf14629f7f89b8341e5feca98dc"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 03 Sep 2024 01:17:57 GMT
getad
aax-us-east.amazon-adsystem.com/x/ 		50 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-fbf22f81-b8a4-4c31-8f5a-0666feac8e37%22%2C%22tracking_id%22%3A%22shefinds-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22shefinds-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.shefinds.com%2F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HH9T7MSKRM3ASXRYKKQG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
50
resolve
people.api.boomtrain.com/identify/ Frame 9C3D 		81 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.159.80 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-159-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
resolve
people.api.boomtrain.com/identify/ Frame 9C3D 		81 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.159.80 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-159-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
p.js
d1z2jf7jlzjs58.cloudfront.net/ Frame 9C3D 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.131.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-131-14.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 23:59:55 GMT
Via
1.1 ad2d59fb6f7c4118dea14b5b7a9a1658.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P7
Age
8244
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
qbpJSnuVW2iTM-3f-9IE5rlPzEC7iSlKYrB1UW-Bv8cJmfkDhwomlg==
Expires
Mon, 04 Sep 2023 23:59:55 GMT
resolve
people.api.boomtrain.com/identify/ Frame B3CF 		81 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.159.80 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-159-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
user.js
www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/ Frame FDDE 		685 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638255840286354546
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox.js?mb=1693793838896&lv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afa29609b287f240f3f088c61fca96d33d832fafac704937026907d364fa42b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jzf/Fndh304iwtGvmDt7HA==
age
176839
cf-polished
origSize=1155627
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 14 Mar 2022 22:03:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
2537926a-e01e-0008-0638-bc0343000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
8012bc47f91a3dd7-MIA
expires
Tue, 03 Sep 2024 02:17:19 GMT
session.html
events.release.narrativ.com/api/v0/ Frame FA46 		713 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/session.html
Requested by
Host: static.bam-x.com
URL: https://static.bam-x.com/tags/shefinds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.5.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-5-153.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
943582e8101110fc486573c3383e7c0f0a3ed4cb21f8a8257341e59bb4243d9d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
private, max-age=7776000, must-revalidate, proxy-revalidate
content-length
713
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:19 GMT
server
openresty/1.21.4.1
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-bam-build-version
4cdbef3200b691159d37a8c127a9d49eb8708120
x-bam-env
release
x-robots-tag
none
footer-btn-img.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ Frame 9C3D 		258 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/footer-btn-img.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
037873e3bde7304011cab230abd95899bc51a3936e70d756bcd8bc8dfa72268d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
age
6913
cf-polished
origFmt=png, origSize=713
x-powered-by
PleskLin
content-disposition
inline; filename="footer-btn-img.webp"
content-length
258
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-2c9"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc47fda467c6-MIA
HelveticaNeue-Medium.woff2
www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_medium/ Frame 9C3D 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_medium/HelveticaNeue-Medium.woff2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
343a6c2bc4231fcde5a83ef906379d2317391d648ac2c9cfe441bc8bfc7c9bed

Request headers

Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
age
3599
etag
"5a6e6d28-50b0"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc47fda867c6-MIA
content-length
20656
HelveticaNeue.woff2
www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_neue/ Frame 9C3D 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_neue/HelveticaNeue.woff2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
696b7b641d993b2664d20d1fc0a7d81e1dfe55db60535b8b946159e3e7aadb28

Request headers

Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
age
3599
etag
"5a6e6d28-47e8"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012bc47fdac67c6-MIA
content-length
18408
collect
www.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SPS2TCRBW2&gtm=45je38u0&_p=258654665&cid=1910143410.1693793839&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693793839&sct=1&seg=0&dl=https%3A%2F%2Fwww.shefinds.com%2F&dt=Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SPS2TCRBW2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1230911863589528
connect.facebook.net/signals/config/ 		136 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1230911863589528?v=2.9.125&r=stable&domain=www.shefinds.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
441dde5d96e5a37321d12aa21210935637f2203b34bbf6e67cf1646bf7154d91
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 04 Sep 2023 02:17:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35898
x-xss-protection
0
pragma
public
x-fb-debug
Xt/0GwuULGJ5+mV+F01w7kNzJMZxprZzz9OZ5hu3MDRJ/KLad2QAAj8P4e/Yik2mGERU5Ze+KH4qgsJT28fdZw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
resolve
people.api.boomtrain.com/identify/ Frame B3CF 		81 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.159.80 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-159-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
p.js
d1z2jf7jlzjs58.cloudfront.net/ Frame B3CF 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.131.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-131-14.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 23:59:55 GMT
Via
1.1 62c27224785ce0e5201a4eab3d49262e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P7
Age
8244
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
OIduM4njIcIs8ClnwpsMwMpYK9YCNwkDJz5AnOZSeR_cdnb0S9k_YQ==
Expires
Mon, 04 Sep 2023 23:59:55 GMT
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		113 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=21
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:246d:b000:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81913b559dbc7f44bbc3f0ec1a8cfffeab10d3cda1b4cd1557cb13d9e10caa8b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
qPXcNmivasAFz6LSWE9bjZI38RuLgKul
content-encoding
gzip
via
1.1 60c955805a89382f30a637c25bb3cb48.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 17:15:57 GMT
last-modified
Thu, 31 Aug 2023 18:45:51 GMT
server
AmazonS3
x-amz-cf-pop
PIT50-P2
age
32483
x-amz-server-side-encryption
AES256
etag
W/"3ffc3b294fddf6c75b65dea6f791dda8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=84600
x-amz-cf-id
bGWvdu8nM2zg0_1W7JXz-_tuG1DxVlaeAYoJZFCl4bOEPQjnCGfkMw==
modules.12f766d4ceff5d28bd1f.js
script.hotjar.com/ 		223 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.12f766d4ceff5d28bd1f.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-368258.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
a1749f37e3d13616a0d9b346b2da534229874292fa2e480d7c52bb3082c8fe0d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 09:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
232693
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55615
last-modified
Fri, 01 Sep 2023 09:38:54 GMT
etag
"9c7c85ff616e3c227ecc94b2ccd24ad1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
8DS57t-vMFgZ7u4UwAGh6SNdRMJd7_fk-HnHdtCn0cl3-R4e-1Ea-g==
op.js
tagan.adlightning.com/sheknows/ 		63 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/op.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd9f1e240cea795fe86e179300d6d718de0370f0137c3e69250bb2ecb0bcdeee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:08:38 GMT
content-encoding
gzip
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
x-amz-version-id
6f0g93mpOxekkHH0Wk_FTaXmVPc8Tmap
x-amz-cf-pop
EWR53-C3
age
522
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25809
x-amz-meta-git_commit
e09f10f
last-modified
Fri, 01 Sep 2023 17:32:13 GMT
server
AmazonS3
etag
"ec7c63dd32f134f36cd216b60779ae74"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
oC5thMZSWkE57OGedrAaWq74Cy9AZLmQ958-QXpkuEfeaDhv2xcbqg==
vendors~ads-injector~selector-helper.79748963afc38bc65c66.js
ads.blogherads.com/static/chunks/ 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~ads-injector~selector-helper.79748963afc38bc65c66.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26fead6d02f439d69fe920268e7ece8f64a2be8d2b3fb63b918ed113ff45f53f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AZAEZ7VH7794NT
age
1016
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
uewp2x4aMDa1xKEsaupAeEaXGDIt08FVLyIgGGWxCog06+OT5aG8VqGEdXPtyeyF40l070ztQ3o=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693793839.354449,VS0,VE0
etag
W/"251e72743a1b9a653810187ebb707f06"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
52
ads-injector.dbcf91f7702754857573.js
ads.blogherads.com/static/chunks/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/ads-injector.dbcf91f7702754857573.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64348713a5cbbbb38447fa1ad62017595c6f63af8e23921ab5d60d51fd776fd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AVPPASADSETK0N
age
1016
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
gOJczTuBtjJDVdajoBIUAhHcSjY99Wo5gA3iBUMqBcuH0gYqRoPVssjcH9riy75HWVP50ZJonBo=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793839.354505,VS0,VE0
etag
W/"2d1a5b0ef20b24289aded218fe8683c1"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
52
apstag.js
ads.blogherads.com/static/cached/ 		248 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/cached/apstag.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AMB7Z4WVTBY1EF
age
1016
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
OUsiYzAOwoT7q7XUU70TXlnBTxO/ovmbC8pgJ5x4ddNSI56DhnQo3ct+BLzAhTWficMW0t1EF4A=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Wed, 30 Aug 2023 18:07:16 GMT
x-timer
S1693793839.368942,VS0,VE0
etag
W/"761fb227b5d9333f86d2e976465cc3f4"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
3
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-71.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 00:15:55 GMT
Via
1.1 4c1a2d98b0820f90f630f0721b0b6538.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P8
Age
7285
ETag
"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
WUwtCMniP7muHgqZA95h5ItscOjYIam0f10HNTPPOGEh3pr1oKGWYA==
183734-166492037162020.js
js-sec.indexww.com/ht/p/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93333b694a5fd2636ee7cef4db9507f215b598af30400008adcf36a348e76d31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:10:16 GMT
server
cloudflare
age
284
etag
W/"9022fc-9fd2-6047f02ed659c"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
8012bc489b36336d-MIA
expires
Mon, 04 Sep 2023 06:17:19 GMT
vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
ads.blogherads.com/static/chunks/ 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
928d1c50f77d48e64b3461df0c194a81711c6528588849fc99710f96541cc51d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26ASVNYP5AGXHG2E
age
1015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
/RbjmAkJufUB8USqFiIS9dHwROmJ5c6EN2l1gN5T6PJnASW0IFcbHyZ5Rvc4eE8TMlF11EiedeQ=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693793839.368851,VS0,VE0
etag
W/"8a4de88af87f2e76e0a9e1e1306ccdf3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
87
vendors~boomerang-prebid-integration.f5db4c18f4e75ee55e59.js
ads.blogherads.com/static/chunks/ 		69 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~boomerang-prebid-integration.f5db4c18f4e75ee55e59.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06cb254f45f6bbe566d606cb45e0d8e1b6fa09dd2d9683a4e4bb4fda973fb91a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26APCD1XVHNNW80A
age
1016
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
/vYvHaZBSffoP+wd59AHBiBrabY5aXOxd7LnhoaAFzNdmL96bnuWVALqbBAJ2K9Ix2nRF3GJR+E=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693793839.371747,VS0,VE0
etag
W/"667087ce8ad9a23103428e1f4add3eb0"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
74
boomerang-prebid-integration.26a1f9556d07016fd9a2.js
ads.blogherads.com/static/chunks/ 		31 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/boomerang-prebid-integration.26a1f9556d07016fd9a2.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c00c6942c532aecc86522db81f50d1f97eec1effa481e2517090f6f34627038

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AQ2BTTY3006CH7
age
1016
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
NJRgpjG/MAP8bNNs0OSZSkE9FbtqBnLpxdM2GJghbkgdzUlCRrl9AzXtBH/mMYKKfNmx1DPbBGE=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693793839.371743,VS0,VE0
etag
W/"2d547b37c260763e113cbc769f9ff4e8"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
74
rh.min.js
cdn.rhombusads.com/js/ 		287 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rhombusads.com/js/rh.min.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:f200:1b:9b08:7f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e682cb3815f258c7b53e5d8a70696c3c6296db1b37a04a9718052195063bfa16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:10:11 GMT
content-encoding
gzip
via
1.1 bc5fa17d3a05da358cc5e2a45aac35c8.cloudfront.net (CloudFront)
last-modified
Thu, 31 Aug 2023 22:29:50 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
429
x-amz-server-side-encryption
AES256
etag
W/"3035b95971cbcf97b7643a872796db1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
hlxzZootIkNy1p1neU-wMuMSx1ojMvSv_5WcOjb5IfW0Wxb_CjIe7w==
SMC_comScore_175x32_2x_Lifestyle.png
ads.blogherads.com/static/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.blogherads.com/static/SMC_comScore_175x32_2x_Lifestyle.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8465cbf5bc8b82a9666d40a357bab3a016290618bba93e588929d884b3ae832a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AK8R7G92GN3WR3
age
1015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
dB4fZivjGBt//Uf1T/1A/INQaEADh1Q1HGCikoDZLYYAcW40QMjc0mVi3Lia4nKz3jXN2KSyQY8=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
x-timer
S1693793839.376031,VS0,VE0
etag
W/"79765df773014426e6c0eb540bc3f74b"
vary
accept-encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
10
YAC_AdMarker_Icon_Only_19x15.png
ads.blogherads.com/static/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.blogherads.com/static/YAC_AdMarker_Icon_Only_19x15.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AV1BWMWGB17KYA
age
1016
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
tpK2CZksNqw2tVuLa6d0nmDMSiKV6dATxOzZfdW/RZDlr6n64dREaxiCYXJjcCFHdRKw7mJrw78=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
x-timer
S1693793839.376009,VS0,VE0
etag
W/"06500e222cb4c36f129c357ffef7ad59"
vary
accept-encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
38
YAC_AdMarker_Icon_Text_77x15.png
ads.blogherads.com/static/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.blogherads.com/static/YAC_AdMarker_Icon_Text_77x15.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21bc65f86e0cd8dfbe47d505c85430a1356b7285e09f10a5fe1eff893dd27314

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AKNGVKEZQG7XEG
age
1016
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
+r55Q8SVSM794p7ARezYlc8le7x4Uhfk2U4NFTa4ApZ+1/JduFe8+xovecKiE29xyoiunwLg3zw=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
x-timer
S1693793839.375992,VS0,VE0
etag
W/"8827e02454b5cd2f3032bb6b5f6a61d8"
vary
accept-encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
22
3d2fb0bd-52fc-4b75-aaf5-2d436c172540-web.js
cdn.permutive.com/ 		1 MB
307 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/3d2fb0bd-52fc-4b75-aaf5-2d436c172540-web.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e68f6bd9e6a22cef0e97aa7cf61dca6b9afa6572d91517fdf799e11d4f9073

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
3d2fb0bd-52fc-4b75-aaf5-2d436c172540
age
0
x-guploader-uploadid
ADPycdsVJiDRfjpkxKoPoMd31mhvxZ-15vH2PBS08EQy1cjIO8yrXwvxcCSXamsr2t7QPZh67aSt5B1uWC-g7wwxWVsQ9MLRhgMk
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Fri, 01 Sep 2023 17:40:32 GMT
server
cloudflare
etag
W/"9b1a3d1d833e3c88f6b7cf9be6917478"
vary
Accept-Encoding
x-goog-generation
1693590032423470
content-type
application/javascript
x-goog-hash
crc32c=Adn+8g==, md5=mxo9HYM+PIj2t8+b5pF0eA==
cache-control
public, max-age=900
x-goog-stored-content-length
336567
timing-allow-origin
*
cf-ray
8012bc490a5067c3-MIA
expires
Mon, 04 Sep 2023 02:32:19 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90f31404d7be81252fe796c64884d0f8a842e8cd5048594ce698f5b92d6688ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29083
x-xss-protection
0
server
cafe
etag
410 / 19604 / m202308290101 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:17:19 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Sep 2023 00:26:16 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6663
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 04 Sep 2023 02:26:16 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CGRZHQ8KQD&l=pmc_atlasmg_ga4_datalayer
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a62eb29c9d1820c3cc7d3710fa753e3544f87337f11bce180c573a5d73eb709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77572
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Sep 2023 02:17:19 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-40.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 23:38:47 GMT
content-encoding
gzip
via
1.1 7bd20765fb335de036eff4682be365d4.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
9513
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
y3eZCs_f-LhWtXSTywlKW3o6NiAaqja1LBtdYtrLTir5dm0VzIBsOA==
active_selectors
onsite.boomtrain.net/ Frame 9C3D 		0
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onsite.boomtrain.net/active_selectors?site_id=339c4cee6051c3aea99d9d91e3b71ab2&bt_onsite_test=false&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.15.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-15-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
13774f4b-2f6f-45d3-b170-ae87c0d60f4d
X-Runtime
0.050400
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Request-Methods
POST, GET, OPTIONS
Access-Control-Allow-Headers
origin, x-requested-with, content-type, accept, authorization, x-prototype-version
rules-p-d6OYghvsxJNAU.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-d6OYghvsxJNAU.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:4e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a8cce7bd28f740b0ec159c5c8f5ccfa25cec1350e0791ce5af5f364208952ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:17:52 GMT
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
3591
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:53:17 GMT
server
AmazonS3
etag
"9896c63d081f1a368fe67c5d43d246eb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
pgI1urQNJj2bjE7LSkBH9Y-ykwWbu0YmPFmWagzAimWvyRfDEhEHKQ==
p.js
cdn.parsely.com/keys/shefinds.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
public
date
Sun, 03 Sep 2023 10:43:40 GMT
content-encoding
gzip
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
56023
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
ePWnJm3H0qC-75n2sMnwHpDYcZG2co69-YORse57Me7D4Qh3Q7Wo9Q==
expires
Mon, 04 Sep 2023 10:43:36 GMT
0.6c6348ebc294aacf1fc2.js
ads.blogherads.com/static/chunks/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/0.6c6348ebc294aacf1fc2.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34781a83f4c9966ba06d7bb47e5fc57fe8e7dc68767171a4b509e0a5e7864669

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AKRVEDS5CP3HRH
age
1015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
SzVOPiSNQA5ObWhg11UcVZGO3Bez1SkUT1bwcOqhNQJn5zNClBLULev/lC8KJSW5MbE/dIfpNvI=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793839.425104,VS0,VE0
etag
W/"adbbea4ed0d19fcf33cae37dd9ad4855"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
75
32.a6a01847c6b16a78e211.js
ads.blogherads.com/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/32.a6a01847c6b16a78e211.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3aa2c009711c2e611ac48a34fc42b5b5019d3237c2406edde73d219f19b9c445

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AG2N6YZZB89C82
age
1015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
kMeybHROVDs7OUXPyPdIuneTYRgYxQFnUijd5Di2hWg15DRBUGJhSAXJtM/eddzg+mM4J7mGLf4=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793839.425858,VS0,VE0
etag
W/"13ed30ad504e2a7518684da4ce89215e"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
62
28.a1406fce8b53e68c2115.js
ads.blogherads.com/static/chunks/ 		1 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/28.a1406fce8b53e68c2115.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ecb84239efee9e3a2b1aeb935c714f19074d8c5cc36eca3cff464bb9ffc7539

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26ANB5SE5A2QE7J6
age
1015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ugN6rhXCnp0aYcUGxM+vAq7dYPRJcSA/wIJmIIXbHopPLO0fzSC5pKIRP576q+lEgr5EbHaHm9A=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793839.426101,VS0,VE0
etag
W/"a043d1da70dbb046bbdd808e31aaa817"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
62
26.aa4425f9b6a5146744c9.js
ads.blogherads.com/static/chunks/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/26.aa4425f9b6a5146744c9.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
07441c0650539d317a2b7f53c93d1ae9103478b35e9184f1a12a318d9f69361a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AQFCTR1Z6P8Q9N
age
1015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
9Jw+bJcssS7MKfkcnbdiCfp9Biw8Zy3DgnrX/GbyRAv7dMGgPcku0eVDRpMXjj0F/IXgLegVNHg=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793839.426092,VS0,VE0
etag
W/"016e7d5a98ad1d8c082646c88c89f083"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
50
29.537c0e9d37d86dbae61a.js
ads.blogherads.com/static/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/29.537c0e9d37d86dbae61a.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6626ea6ce5d5211599e4c7c98959a18c840cf95f78c5e42bfb1ec92c9dad6b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AQPN7N1TD6NBH6
age
1015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
5K4ZWnEBbL4YcFhd9pm9QksxRYlMV5AYheCBClgPbi02mhUrTdDCvD+qr7tliz93SCF6KXGOLzA=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793839.427059,VS0,VE0
etag
W/"29a8a4dc6599638ad0f358080fb4d8a3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
46
33.2fc7b18224b5a7dd8391.js
ads.blogherads.com/static/chunks/ 		604 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/33.2fc7b18224b5a7dd8391.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9cbe332b08eba53d8ebc2ba291bd763b74cd6eef267bfa81d74a1a6ce89afd71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AVD8J8ZZEHSR3D
age
1015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
CA+ntObG+1VA2ML2n/Bx1XkGDm1XfJPBa/Qly81lqQqp21R15jIBLJCHG/yGESIp8U3yDQOX5sc=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793839.427059,VS0,VE0
etag
W/"734beb17b989273ae178a8090cf4fb2c"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
73
27.3ff2a2181f5cf2d300b5.js
ads.blogherads.com/static/chunks/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/27.3ff2a2181f5cf2d300b5.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
291093e0a6fb10eed36fa3d930b918718d48f48aa7d94127a0804bf3982069e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AY07SDEASYZ84T
age
1015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
+i2FponeNgcEFVabOJbCinvj1ngHZ1AIpy62iUN3jJtmrFfZ54eZ8Qq6OTdiJvLwvWuuTA8qMKY=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793839.427026,VS0,VE0
etag
W/"39b0db990c460eac26161d824108832b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
44
31.241f0944092217078fdf.js
ads.blogherads.com/static/chunks/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/31.241f0944092217078fdf.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b0c18659c885963e4f6615a60e438ff27a296aa3134156ffe782d44d38d2253

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AY8WPXZEVRTTM2
age
1015
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
w/OBMkqB1VVglkOBfo3gwLaCzs0Zptu2vFwaJXNw3PZ9j2G0RD2DSf0DxNcnL6BjgoQs3UY4pho=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793839.427006,VS0,VE0
etag
W/"8dca322268d18b146ce42d9a0d83712a"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
46
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/cached/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 09:23:19 GMT
x-amz-cf-pop
JFK50-P3
age
60841
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
banBsn68E8PnqGyriEUI7rcwRtxtPh9LKMLqyyX7KLZ2ILOWNEvIGw==
/
srv-2023-09-04-02.pixel.parsely.com/plogger/ Frame 9C3D 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2023-09-04-02.pixel.parsely.com/plogger/?rand=1693793839427&plid=97212706&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2F&sref=&sts=1693793839031&slts=0&title=Women%E2%80%99s+Fashion%2C+Beauty+%26+Lifestyle+%E2%80%93+SHEfinds&date=Sun+Sep+03+2023+16%3A17%3A19+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=25296702&u=pid%3D239153f5d357777b9edc030cbb4bfaaf
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.25.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-25-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Cache-Control
no-cache
Last-Modified
Monday, 04-Sep-2023 02:17:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1230911863589528&ev=PageView&dl=https%3A%2F%2Fwww.shefinds.com%2F&rl=&if=false&ts=1693793839436&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693793839435.1043375870&it=1693793839304&coo=false&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:17:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
getad
aax-us-east.amazon-adsystem.com/x/ Frame 9C3D 		50 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-fbf22f81-b8a4-4c31-8f5a-0666feac8e37%22%2C%22tracking_id%22%3A%22shefinds-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22shefinds-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.shefinds.com%2Fiframe-modal-homepage%2F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5YDTDZJPA2J5EQY8R9KY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
50
/
srv-2023-09-04-02.pixel.parsely.com/plogger/ Frame B3CF 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2023-09-04-02.pixel.parsely.com/plogger/?rand=1693793839446&plid=66939670&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2F&sref=&sts=1693793839031&slts=0&title=Women%E2%80%99s+Fashion%2C+Beauty+%26+Lifestyle+%E2%80%93+SHEfinds&date=Sun+Sep+03+2023+16%3A17%3A19+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=72487423&u=pid%3D239153f5d357777b9edc030cbb4bfaaf
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.25.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-25-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Cache-Control
no-cache
Last-Modified
Monday, 04-Sep-2023 02:17:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
active_selectors
onsite.boomtrain.net/ Frame B3CF 		0
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onsite.boomtrain.net/active_selectors?site_id=339c4cee6051c3aea99d9d91e3b71ab2&bt_onsite_test=false&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.15.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-15-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
46cf1510-c75c-4bd1-ba40-5f8964abc180
X-Runtime
0.048928
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Request-Methods
POST, GET, OPTIONS
Access-Control-Allow-Headers
origin, x-requested-with, content-type, accept, authorization, x-prototype-version
getad
aax-us-east.amazon-adsystem.com/x/ Frame B3CF 		50 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-fbf22f81-b8a4-4c31-8f5a-0666feac8e37%22%2C%22tracking_id%22%3A%22shefinds-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22shefinds-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.shefinds.com%2Fiframe-modal%2F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QZXE8BREG04EN36MXD3E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
50
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637828922049286464
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638255840286354546
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
514792
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
f34cbdce-501e-0038-40ef-375969000000
cache-control
public, max-age=2678400
x-ms-version
2009-09-19
cf-ray
8012bc48ba473dd7-MIA
expires
Thu, 05 Oct 2023 02:17:19 GMT
z
lightboxapi.azurewebsites.net/z9gd/41449/www.shefinds.com/jsonp/ 		682 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lightboxapi.azurewebsites.net/z9gd/41449/www.shefinds.com/jsonp/z?cb=1693793839471&callback=jQuery171010820857658037153_1693793839458&_=1693793839472
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638255840286354546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7baa58dcef7e0915ca5b95703b519923ccf902c567c6c4ae58fb9a5b516e3567

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
t.gif
www.lightboxcdn.com/z9g/ 		35 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1693793839464&h=www.shefinds.com&e=p&u=41449
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 02:17:19 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
1049968
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
8ac80baa-b01e-0010-7247-a92ed6000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8012bc48ca593dd7-MIA
920.js
cdn.keywee.co/config/ 		205 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/config/920.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7200:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
343bb230819cb92e0ecacf1196f49eb120912089d2d1693ea62f1ced40b8f6ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 06:19:43 GMT
via
1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2019 05:50:34 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
71857
etag
"46e1317d68d5cb379c9bd1f3cf91c85a"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
content-length
205
x-amz-cf-id
dHRJrEcqTVn_LmhnY2WdkJi1j5Set42tkPHrCqYrJ8_xHWUEnQzWCQ==
p.js
cdn.parsely.com/keys/shefinds.com/ Frame 9C3D 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
public
date
Sun, 03 Sep 2023 10:43:40 GMT
content-encoding
gzip
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
56023
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
kow5YrsTWvkxZpel_YCk7DAHc4NXCm06H3drXpHkjOZWrzaDJslraw==
expires
Mon, 04 Sep 2023 10:43:36 GMT
/
srv-2023-09-04-02.pixel.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2023-09-04-02.pixel.parsely.com/plogger/?rand=1693793839488&plid=16527806&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2F&sref=&sts=1693793839031&slts=0&title=Women%E2%80%99s+Fashion%2C+Beauty+%26+Lifestyle+%E2%80%93+SHEfinds&date=Sun+Sep+03+2023+16%3A17%3A19+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=12042840&u=pid%3D239153f5d357777b9edc030cbb4bfaaf
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.25.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-25-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Cache-Control
no-cache
Last-Modified
Monday, 04-Sep-2023 02:17:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rid
match.adsrvr.org/track/ 		109 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183734
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
d6984c1810bcb9d05f07fdee0cbb8b874b3e9c93c77d6af9d56db8d73454bc58

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 04 Oct 2023 02:17:19 GMT
/
id.sv.rkdms.com/identity/ 		66 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SHEMEDIA&sv_domain=www.shefinds.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.63.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-63-94.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
4ecec47e9085209334bb389ec734b521931a6d668563b19f91510cacfb01cd99

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:17:19 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
66
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
any
idx.liadm.com/idex/ie/ 		54 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.63.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-63-111.compute-1.amazonaws.com
Software
/
Resource Hash
a779f8e26b6638a5795fdee676e5d66238e3f8aae52a5aed5748b29c7672d39a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
3
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
trace-id
0767c5c1029b0f5b
content-length
54
expires
Tue, 05 Sep 2023 02:17:19 GMT
session.gif
events.release.narrativ.com/api/v0/ 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.release.narrativ.com/api/v0/session.gif?uid_bam=1818697286878933585
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.5.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-5-153.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
x-bam-build-version
4cdbef3200b691159d37a8c127a9d49eb8708120
date
Mon, 04 Sep 2023 02:17:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
openresty/1.21.4.1
x-robots-tag
none
x-bam-env
release
p.js
cdn.parsely.com/keys/shefinds.com/ Frame B3CF 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
public
date
Sun, 03 Sep 2023 10:43:40 GMT
content-encoding
gzip
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
56023
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
FTuNCIROUFf21iJZtGKDWicqtNO5lZ3SSxr577RtSNPEO1jj3qaOZw==
expires
Mon, 04 Sep 2023 10:43:36 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1403230
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
-44CztuusvG5-tHyCEfi7UjlJkEuJ3xoeHU-kI-pGEfyQi1odd0zfg==
bl-c25b203-3a0438bc.js
tagan.adlightning.com/sheknows/ 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/bl-c25b203-3a0438bc.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcfbab9fd00258a8a7a78fb08e87e31df1108c7db3947dee810a8116d2559ce4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 17:43:37 GMT
content-encoding
gzip
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
x-amz-version-id
fDygbOvffZhNFEakwARu.NBUEeg3nXOk
x-amz-cf-pop
EWR53-C3
age
203623
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29383
x-amz-meta-git_commit
c25b203
last-modified
Fri, 01 Sep 2023 17:31:30 GMT
server
AmazonS3
etag
"72accb99e27883f839a54d3c92c2899d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
HCZkUEHsVjtix1NZZHxJyAfPJP-f_4-Yuk8ONAHE3XF9fMNY9g85TA==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/webp
/
events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/?uid_bam=1818697286878933585
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.5.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-5-153.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
accept,content-type,x-bam-params,x-howl-pixel-version
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
accept, content-type, x-bam-params, x-howl-pixel-version
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.shefinds.com
allow
OPTIONS, POST
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:19 GMT
server
openresty/1.21.4.1
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
x-bam-build-version
4cdbef3200b691159d37a8c127a9d49eb8708120
x-bam-env
release
x-robots-tag
none
/
events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/ 		2 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/?uid_bam=1818697286878933585
Requested by
Host: static.bam-x.com
URL: https://static.bam-x.com/tags/shefinds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.5.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-5-153.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
{"uid_bam":"1818697286878933585","BAMX_Opt_Out":""}
Referer
https://www.shefinds.com/
X-Howl-Pixel-Version
shefinds
X-BAM-Params
{"uid_bam":"1818697286878933585","BAMX_Opt_Out":""}
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

x-bam-build-version
4cdbef3200b691159d37a8c127a9d49eb8708120
date
Mon, 04 Sep 2023 02:17:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
openresty/1.21.4.1
x-bam-env
release
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
x-robots-tag
none
content-length
2
sp-2.9.1.js
cdn.keywee.co/dist/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7200:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 03:26:35 GMT
content-encoding
gzip
via
1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
last-modified
Sun, 14 Oct 2018 12:37:03 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
1464645
etag
W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=315360000
x-amz-cf-id
ukxGL9LXynu1BkCRdWB6JDesGaYuX2-bZcJQk8M2u-LvyzBVo1rajQ==
340247040194248
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/340247040194248?v=2.9.125&r=stable&domain=www.shefinds.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8ea1003e256bc3963a0bed50a6f83993ef867fde2294e1a8020e886327319a9f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 04 Sep 2023 02:17:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35907
x-xss-protection
0
pragma
public
x-fb-debug
ImWsycUc/4JXyGEQlTi4ftuSaIopY5idDE38G9x7XigfhR/6A0t4VfVYzPJoBRE0bIgz9uvIw/jgnNtYBag2ZQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
368258
vc.hotjar.io/sessions/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/368258?s=0.25&r=0.1663563394177996
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.12f766d4ceff5d28bd1f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-54.jfk50.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
via
1.1 8a9cdb228e33f8d52a4b42c56ca26590.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
Koxqazu0ioHhawHLNcW1BZ56XedGBUNHTqnfQMitbe9TKluymOVbqw==
collect
www.google-analytics.com/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=0&a=258654665&t=pageview&_s=1&dl=https%3A%2F%2Fwww.shefinds.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABEAAAACAAI~&jid=881138837&gjid=1419325462&cid=1910143410.1693793839&tid=UA-72491114-4&_gid=1769427027.1693793840&_r=1&_slc=1&cd35=8352%2C1017293&cd36=a.shefinds&cd37=fashion&cd38=_na_&cd39=_na_&cd103=f7b45e1c-6f9f-4680-aa2b-17488febc95b&z=1164559661
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
srv-2023-09-04-02.pixel.parsely.com/plogger/ Frame 9C3D 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2023-09-04-02.pixel.parsely.com/plogger/?rand=1693793839670&plid=97212706&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2F&sref=&sts=1693793839031&slts=0&title=Women%E2%80%99s+Fashion%2C+Beauty+%26+Lifestyle+%E2%80%93+SHEfinds&date=Sun+Sep+03+2023+16%3A17%3A19+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=90042349&u=pid%3D239153f5d357777b9edc030cbb4bfaaf
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.25.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-25-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Cache-Control
no-cache
Last-Modified
Monday, 04-Sep-2023 02:17:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
srv-2023-09-04-02.pixel.parsely.com/plogger/ Frame B3CF 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2023-09-04-02.pixel.parsely.com/plogger/?rand=1693793839679&plid=66939670&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2F&sref=&sts=1693793839031&slts=0&title=Women%E2%80%99s+Fashion%2C+Beauty+%26+Lifestyle+%E2%80%93+SHEfinds&date=Sun+Sep+03+2023+16%3A17%3A19+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=79253200&u=pid%3D239153f5d357777b9edc030cbb4bfaaf
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.25.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-25-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
Cache-Control
no-cache
Last-Modified
Monday, 04-Sep-2023 02:17:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cm_:onejs_load_evt@v=1153,onejs_exec_time@v=3,aax_load_time@v=531,aax_load_time_one_tag@v=531,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=1153,onejs_exec_time@v=3,aax_load_time@v=531,aax_load_time_one_tag@v=531,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=cbb80f28-c989-4ae0-93f6-ed76b1483c65&session=d6ef5d25-2dc5-45a0-ba27-228d0311bea4
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
x-amzn-RequestId
d7baacde-27eb-40b3-8131-38afe858eaeb
Content-Type
text/plain
ats.js
ats.rlcdn.com/ 		236 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding
gzip
via
1.1 67d3f8867c3d6540e7495f9026c9c57a.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 16:32:46 GMT
last-modified
Thu, 08 Jun 2023 08:56:13 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
35074
x-amz-server-side-encryption
AES256
etag
W/"a23e5e8674928ef24c6825d63b8d2927"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
9wu7hBMCHJ2S5N6DHXlfpmEggMZO7DoQ7yYwqhIw9QZFrKiseKX__g==
service
async01.admantx.com/admantx/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://async01.admantx.com/admantx/service?request=%7B%22key%22%3A%22dcde31e32d21f5432ab192ee50f9e0a8ef294bab4778ada95dfabeb949b2b9ce%22%2C%22filter%22%3A%5B%22default%22%5D%2C%22method%22%3A%22descriptor%22%2C%22mode%22%3A%22async%22%2C%22type%22%3A%22url%22%2C%22body%22%3A%22https%253A%252F%252Fwww.shefinds.com%252F%22%7D
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.128.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-128-118.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4c6af410bfcd72db7d0afbc9dc5b37dc6f44118f164453dc7c9b553bdfd1132f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:19 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
content-type
text/plain; charset=UTF-8
pub
pixel.adsafeprotected.com/services/ 		912 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=930203&slot=%7Bid:skm-ad-flexbanner,ss:%5B728.90,970.250,970.90%5D,p:/83521017293/a.shefinds/fashion,t:display%7D&slot=%7Bid:skm-ad-frame2,ss:%5B728.90%5D,p:/83521017293/a.shefinds/fashion,t:display%7D&slot=%7Bid:skm-ad-flexrec-1,ss:%5B300.250,300.600%5D,p:/83521017293/a.shefinds/fashion,t:display%7D&slot=%7Bid:skm-ad-outstream-test,ss:%5B1.1%5D,p:/83521017293/a.shefinds/fashion,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=35911185-803f-3203-f2ba-728a7f079c7a&url=https%253A%252F%252Fwww.shefinds.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.46.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-46-70.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8aef8315d84690999651613abd0bf0365f36ad1f8659afc708fea1632ab5d51f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
server
nginx
x-server-name
app07.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
.js
dyv1bugovvq1g.cloudfront.net/21/www.shefinds.com/ 		251 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/21/www.shefinds.com/.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:246d:7a00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6d63f57873a8f1641f2fdf04519a3d12c119253d83415f4af9e37c7985af309

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
via
1.1 60c955805a89382f30a637c25bb3cb48.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Sat, 04 Nov 2023 00:00:00 GMT", rule-id="cleanup"
last-modified
Mon, 04 Sep 2023 02:17:09 GMT
server
AmazonS3
x-amz-cf-pop
PIT50-P2
etag
"a75b200a772befc96d386b70b714c792"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
content-length
24852
x-amz-cf-id
Ys0g7dc9Y9m5SUZblfcPIsjDIx0xp6K5EMt8CsumE0AK3-z2OKYgDw==
pxid
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co/v2.0/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co/v2.0/pxid?k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/3d2fb0bd-52fc-4b75-aaf5-2d436c172540-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
37597749138fa42a69781979c9c7e2775b1b214f6be63ba2b970c7381cceb6ab

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:19 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/3d2fb0bd-52fc-4b75-aaf5-2d436c172540-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:19 GMT
an-x-request-uuid
037a16aa-16f2-4b49-af13-3499d711a142
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cm_:onejs_load_evt@v=673,onejs_exec_time@v=1,aax_load_time@v=308,aax_load_time_one_tag@v=308,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame 9C3D 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=673,onejs_exec_time@v=1,aax_load_time@v=308,aax_load_time_one_tag@v=308,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=39d37714-949d-43ec-a099-55a91e4bc43b&session=424d9a90-9e8a-47ae-8af8-3d61bddfcd8a
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal-homepage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
x-amzn-RequestId
00f576fb-f1e5-4a03-88f1-a69faf8cf229
Content-Type
text/plain
cm_:onejs_load_evt@v=689,onejs_exec_time@v=0,aax_load_time@v=295,aax_load_time_one_tag@v=295,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame B3CF 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=689,onejs_exec_time@v=0,aax_load_time@v=295,aax_load_time_one_tag@v=295,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=73717aa0-752d-4852-9c17-5b84d2749253&session=2515384d-25d8-4199-851e-883797a39d9b
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:19 GMT
x-amzn-RequestId
4e5031b6-9fc0-4592-82bb-82a4a6d732fe
Content-Type
text/plain
request
socialcanvas-api.kargo.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-api.kargo.com/v2/request
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.120.123 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-120-123.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Sep 2023 02:17:19 GMT
Server
nginx/1.22.1
Vary
Access-Control-Request-Headers
X-Powered-By
Express
request
socialcanvas-api.kargo.com/v2/ 		0
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-api.kargo.com/v2/request
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.120.123 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-120-123.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json

Response headers

Date
Mon, 04 Sep 2023 02:17:20 GMT
Server
nginx/1.22.1
X-Powered-By
Express
ETag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Vary
Origin
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
0
scpb.js
socialcanvas-cdn.kargo.com/js/ 		271 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-cdn.kargo.com/js/scpb.js
Requested by
Host: cdn.rhombusads.com
URL: https://cdn.rhombusads.com/js/rh.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:f400:13:6a46:aa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6cf3bf775d68a1ca2cf2017fab25029316f54d60457afad1afcc3f38bb98d41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 22:29:55 GMT
content-encoding
gzip
via
1.1 7bd20765fb335de036eff4682be365d4.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 19:27:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
13645
x-amz-server-side-encryption
AES256
etag
W/"4102c8de7c45dc9353378b8f31a06708"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
bOfkP2mDCyoOQd4zJSRMbbR04O4C2gAYzZt2Cm8I-DNLAMNgHYDZzQ==
collect
stats.g.doubleclick.net/j/ 		2 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72491114-4&cid=1910143410.1693793839&jid=881138837&gjid=1419325462&_gid=1769427027.1693793840&_u=aADAAEAAEAAAACAAI~&z=1084814913
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 04 Sep 2023 02:17:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
3f2dda74-a95f-4a1d-864e-f03edcdcc039
https://www.shefinds.com/ 		673 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.shefinds.com/3f2dda74-a95f-4a1d-864e-f03edcdcc039
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
323e3ae0e8c8ea495ddda1de99eecfd486bf3ed5cf6daf912e2dbe3e64be6e57

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
689324
Content-Type
b8c6a8a7-3696-43d2-87dd-6aba6bd616e8
https://www.shefinds.com/ 		673 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.shefinds.com/b8c6a8a7-3696-43d2-87dd-6aba6bd616e8
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
323e3ae0e8c8ea495ddda1de99eecfd486bf3ed5cf6daf912e2dbe3e64be6e57

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
689324
Content-Type
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D21%26bt%3Dnull
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.236.169.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-236-169-110.compute-1.amazonaws.com
Software
/
Resource Hash
ea457821c5f3286e405d0a1a2e22070d8f0b07c9f86e7299ebb94edda524f900

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Mon, 04 Sep 2023 02:17:20 GMT
connection
keep-alive
x-amzn-RequestId
4d6aa70c-2bfa-5780-83de-fa636b8a7246
Content-Length
378
Content-Type
text/xml
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693793840153&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2F&c8=Women%E2%80%99s%20Fashion%2C%20Beauty%20%26...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693793840153&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2F&c8=Women%E2%80%99s%20Fashion%2C%20Beauty%20%2...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693793840153&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2F&c8=Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds&c9=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
18.173.219.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-40.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
via
1.1 7bd20765fb335de036eff4682be365d4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK52-P1
x-amz-cf-id
TMrG4mAWc_TGmKcXJ9d83cRBiRHY0wWDBhDH4OIjZzPdo2XoC0zY9w==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 04 Sep 2023 02:17:20 GMT
via
1.1 7bd20765fb335de036eff4682be365d4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693793840153&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2F&c8=Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds&c9=
content-length
0
x-amz-cf-id
Xf4IxpT9QvEMVxhpO1UD9c9iovghsVNCoQsr1dx6kFc00KXPItaNng==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 22:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
11902
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129682
x-xss-protection
0
server
cafe
etag
12917394590533080382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 02 Sep 2024 22:58:58 GMT
headerstats
as-sec.casalemedia.com/ 		0
0
geoip
api.permutive.com/v2.0/ 		285 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f826f59070a141c3599d0b89ee2683cb7bf9527dd350a227096f62f45f9144fa

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
watson
api.permutive.com/v2.0/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
8c868b6331566666986f143b143caefa9f86ff0870e7c26d267f888a6357ecfd

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1182
pixel;r=622025651;rf=0;a=p-d6OYghvsxJNAU;url=https%3A%2F%2Fwww.shefinds.com%2F;uht=2;fpan=1;fpa=P0-621095924-1693793839382;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=622025651;rf=0;a=p-d6OYghvsxJNAU;url=https%3A%2F%2Fwww.shefinds.com%2F;uht=2;fpan=1;fpa=P0-621095924-1693793839382;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=shefinds.com;dst=0;et=1693793840192;tzo=600;ogl=title.Women%E2%80%99s%20Fashion%252C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds%2Curl.https%3A%2F%2Fshefinds%252Ecom%2Cdescription.We%20help%20busy%20women%20find%20the%20things%20they%20need%20to%20enjoy%20their%20life%252C%20from%20sales%20and%2Ctype.article%2Csite_name.SheFinds%2Cimage.https%3A%2F%2Fwww%252Eshefinds%252Ecom%2Ffiles%2F2023%2F08%2FSF_Affiliate_She-Finds_Labor-Day-Sale%252Ejpg%2Clocale.en_US;ses=3b977ee0-77df-4d39-bf69-ebf947297c92;mdl=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i
pixel.keywee.co/ 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.keywee.co/i?stm=1693793840206&e=pv&url=https%3A%2F%2Fwww.shefinds.com%2F&page=Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds&tv=js-2.9.1&tna=cf&aid=920&p=web&tz=Pacific%2FHonolulu&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=08276bc6-64bb-4ddc-af3c-e586a1ee9c19&dtm=1693793840205&vp=1600x1200&ds=1600x6608&vid=1&sid=4a3fc116-1f39-4540-b348-a3f0d0efa5b3&duid=9470e18d-8523-4c94-abc8-3dcc77d09e3e&fp=306957071
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.23.220.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-220-154.compute-1.amazonaws.com
Software
nginx/1.21.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

status
200 OK
date
Mon, 04 Sep 2023 02:17:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
nginx/1.21.3
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=KWCEPV&dl=https%3A%2F%2Fwww.shefinds.com%2F&rl=&if=false&ts=1693793840208&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693793839435.1043375870&it=1693793839304&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:17:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=PageView&dl=https%3A%2F%2Fwww.shefinds.com%2F&rl=&if=false&ts=1693793840208&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693793839435.1043375870&it=1693793839304&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:17:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1230911863589528&ev=Microdata&dl=https%3A%2F%2Fwww.shefinds.com%2F&rl=&if=false&ts=1693793840209&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds%22%2C%22meta%3Adescription%22%3A%22We%20help%20busy%20women%20find%20the%20things%20they%20need%20to%20enjoy%20their%20life.%22%2C%22meta%3Akeywords%22%3A%22lifestyle%2Cshop%2Cskinnyfit%2Csponsored-2%2Csupplements%2Cvitamins%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fshefinds.com%22%2C%22og%3Adescription%22%3A%22We%20help%20busy%20women%20find%20the%20things%20they%20need%20to%20enjoy%20their%20life%2C%20from%20sales%20and%20deals%20to%20shopping%20tips%2C%20beauty%20reviews%2C%20life%20hacks%20and%20health%20advice.%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Asite_name%22%3A%22SheFinds%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Ffiles%2F2023%2F08%2FSF_Affiliate_She-Finds_Labor-Day-Sale.jpg%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22article%3Apublished_time%22%3A%222023-09-01T09%3A00%3A18-04%3A00%22%2C%22article%3Aauthor%22%3A%22victoria%20garcia%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22SHEfinds%22%2C%22url%22%3A%22https%3A%2F%2Fwww.shefinds.com%22%7D%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693793839435.1043375870&it=1693793839304&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:17:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
3d2fb0bd-52fc-4b75-aaf5-2d436c172540-models.bin
cdn.permutive.com/models/v2/ 		254 KB
177 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/3d2fb0bd-52fc-4b75-aaf5-2d436c172540-models.bin
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d44a787447f80b8126054428bbbb849a8197c6b38815ceb5c6ff3c354434dd5

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
3d2fb0bd-52fc-4b75-aaf5-2d436c172540
age
0
x-guploader-uploadid
ADPycdsjEeyubE43gg0N35Z4wy_6XuNYJgi7_of0Df4IqFd8ipdZQkbjzKzZhQA-lzJJE4vu_-J7VYHOggIWrwNR13EXHg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
180217
last-modified
Mon, 28 Aug 2023 06:01:42 GMT
server
cloudflare
etag
"1ccb1aaa48d86895d1fe3ba987247763"
vary
Accept-Encoding
x-goog-generation
1693202502286805
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=8qgsrw==, md5=HMsaqkjYaJXR/juphyR3Yw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
180217
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8012bc4ddf87d9f5-MIA
expires
Mon, 04 Sep 2023 02:06:39 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3161&u=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
1e9566328ed695496ddcfab7d78dffb01b62ec2e7fe0b2f09d95e8301ce698a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:09:58 GMT
via
1.1 f07e3fd03d3423bceb1c6083ab62cf8a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
441
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2336
x-amz-cf-id
dkkZxxsx1S75g3PA_4j3CH9LYawiP8YfrSW78WuSm1PYExZJwmfsIA==
bid
aax.amazon-adsystem.com/e/dtb/ 		751 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3161&u=https%3A%2F%2Fwww.shefinds.com%2F&pid=uU4M6mWo7ciM9&cb=0&ws=1600x1200&v=23.821.1806&t=950&slots=%5B%7B%22sd%22%3A%22skm-ad-flexbanner%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Ffashion%22%7D%2C%7B%22sd%22%3A%22skm-ad-frame2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Ffashion%22%7D%2C%7B%22sd%22%3A%22skm-ad-flexrec-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Ffashion%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-227.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
5b9cb3a70f1e5baa6b5a0bb57c5e86b1765ce3b74a8308a768e054951ed621f9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P6
x-amz-rid
7GJ33MW1SP7Z7271Q5MP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
751
x-amz-cf-id
k0EOxFsU0j6pQWHDRp1M5MwrXn4ow1lkDx1j41HwyhA8_Hsoir5siw==
envelope
api.rlcdn.com/api/identity/ 		0
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13252
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
identify
api.permutive.com/v2.0/ 		50 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
871ca36fbdb08ee5eb9fb51a75d21425169a3b149ac1f85656049511e414c15e

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
/
geo.privacymanager.io/ 		30 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.9.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-9-13.pit50.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 08:30:50 GMT
via
1.1 0af050b863ec46156a524df4e5d86692.cloudfront.net (CloudFront), 1.1 34f6524976843e87cebde49c2c137d6e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, PIT50-P1
age
63990
x-amzn-requestid
8b43012e-fb19-4409-87bc-3398b35dcc64
x-amzn-trace-id
Root=1-64f4443a-1b82722d20a00135085af7b4;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Kq-ZJF2EjoEFozg=
content-length
30
x-amz-cf-id
WQ1-jFMTlkxdLbxY3oShgIKXKi-mSAgwCwCvX2MOX1VrhLfduOuvlw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
collect
analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CGRZHQ8KQD&gtm=45je38u0&_p=258654665&_gaz=1&cid=1910143410.1693793839&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.shefinds.com%2F&sid=1693793840&sct=1&seg=0&dt=Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds&en=page_view&_fv=1&_ss=1&_ee=1&ep.adunitname_lvl1=8352%2C1017293&ep.adunitname_lvl2=a.shefinds&ep.adunitname_lvl3=fashion&ep.adunitname_lvl4=_na_&ep.adunitname_lvl5=_na_&ep.pvuuid=f7b45e1c-6f9f-4680-aa2b-17488febc95b
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CGRZHQ8KQD&l=pmc_atlasmg_ga4_datalayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CGRZHQ8KQD&cid=1910143410.1693793839&gtm=45je38u0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CGRZHQ8KQD&l=pmc_atlasmg_ga4_datalayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72491114-4&cid=1910143410.1693793839&jid=881138837&_u=aADAAEAAEAAAACAAI~&z=1087769001
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::6a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_sync
prebid-server.rubiconproject.com/ 		3 KB
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
5e917e91e761080350fd2a00d12b45519a36434ed4fd15624d17dbd5e94374a3

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
704
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		218 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f9b33c7f847a906acdd8fab2a2f992a5517bf1ee3e705910af98b4d76bb77c03

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
195
Expires
0
xhr
pre.ads.justpremium.com/v/2.0/t/ 		53 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1693793840383
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.4.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-4-96.compute-1.amazonaws.com
Software
/
Resource Hash
7cde5122b3c8307bdb041016e68226472014181eeabc4346d859d8dd58388732

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:17:20 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=2&alt_size_ids=55%2C57&us_privacy=1---&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=7928e066-76a9-463e-af89-7ce88bea635d&eid_adserver.org=7928e066-76a9-463e-af89-7ce88bea635d&rf=https%3A%2F%2Fwww.shefinds.com%2F&kw=beauty%2Ccontests%2Ccoupons%2Cdeals%2Cfashion%2Cgiveaways%2Cnails%2Csales%2Cshopping%2Cweddings&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2F&tg_i.domain=shefinds.com%2Cshefinds.com&tg_i.pvuuid=f7b45e1c-6f9f-4680-aa2b-17488febc95b&tg_i.addir=bh%2F41%2F412%2F412983%2F2498530&tg_i.site=shefinds&tg_i.urlhash=177546&tg_i.ci=front&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=S_11586%2CS_12972%2CS_12973%2CS_4282%2CS_4283%2CS_4289%2CS_4305%2CS_4307%2CS_4700%2CS_6554%2CS_6555%2CS_6651%2CS_6655%2CS_7003%2CS_7075%2CS_8275&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_3005184_PG%2CIAS_3005161_PG%2CIAS_3005111_PG%2CIAS_3008366_PG%2CIAS_3007987_PG%2CIAS_3005069_PG%2CIAS_3006637_PG%2CIAS_3005151_PG%2CIAS_3005175_PG%2CIAS_3008596_PG%2CIAS_3005146_PG%2CIAS_1508023_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-flexbanner%2Cskm-ad-flexbanner&tg_i.st=flxban%2Cflxban&tg_i.inview=false%2Cfalse&tg_i.loc=3%2C3&tg_i.impuuid=3c0b96ad-4457-4003-87dd-a17c02305757%2C3c0b96ad-4457-4003-87dd-a17c02305757&tg_i.inst=1%2C1&tg_i.stinst=1%2C1&tg_i.optimera=NULL%2CNULL&tg_i.id=2cf79975-4ac9-11ee-bef5-0ac9557753d3%2C2cf79975-4ac9-11ee-bef5-0ac9557753d3&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.pub=40%2C40&tg_i.vertical=fashion%2Cfashion&tg_i.vertical1=fashion%2Cfashion&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexbanner%2Fskm-ad-flexbanner&tk_flint=pbjs_lite_v7.40.0&x_source.tid=8abd9c88-ca8a-46d0-b5e3-6c043e403c29&l_pb_bid_id=867169a1231d45&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexbanner%2Fskm-ad-flexbanner&slots=1&rand=0.3177830809840816
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1246031db44c592308d471d3a30a42b9a949f7890d70730027ec844d8854c4d7

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=2&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=7928e066-76a9-463e-af89-7ce88bea635d&eid_adserver.org=7928e066-76a9-463e-af89-7ce88bea635d&rf=https%3A%2F%2Fwww.shefinds.com%2F&kw=beauty%2Ccontests%2Ccoupons%2Cdeals%2Cfashion%2Cgiveaways%2Cnails%2Csales%2Cshopping%2Cweddings&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2F&tg_i.domain=shefinds.com%2Cshefinds.com&tg_i.pvuuid=f7b45e1c-6f9f-4680-aa2b-17488febc95b&tg_i.addir=bh%2F41%2F412%2F412983%2F2498530&tg_i.site=shefinds&tg_i.urlhash=177546&tg_i.ci=front&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=S_11586%2CS_12972%2CS_12973%2CS_4282%2CS_4283%2CS_4289%2CS_4305%2CS_4307%2CS_4700%2CS_6554%2CS_6555%2CS_6651%2CS_6655%2CS_7003%2CS_7075%2CS_8275&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_3005184_PG%2CIAS_3005161_PG%2CIAS_3005111_PG%2CIAS_3008366_PG%2CIAS_3007987_PG%2CIAS_3005069_PG%2CIAS_3006637_PG%2CIAS_3005151_PG%2CIAS_3005175_PG%2CIAS_3008596_PG%2CIAS_3005146_PG%2CIAS_1508023_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-frame2%2Cskm-ad-frame2&tg_i.st=frame2%2Cframe2&tg_i.inview=true%2Ctrue&tg_i.close_control=enabled%2Cenabled&tg_i.loc=sticky%2Csticky&tg_i.impuuid=3fb27712-35ee-40e5-ad79-4390fe227434%2C3fb27712-35ee-40e5-ad79-4390fe227434&tg_i.inst=s1%2Cs1&tg_i.stinst=s1%2Cs1&tg_i.optimera=NULL%2CNULL&tg_i.id=2cf79976-4ac9-11ee-bef5-0ac9557753d3%2C2cf79976-4ac9-11ee-bef5-0ac9557753d3&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.pub=40%2C40&tg_i.vertical=fashion%2Cfashion&tg_i.vertical1=fashion%2Cfashion&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fframe2%2Fskm-ad-frame2&tk_flint=pbjs_lite_v7.40.0&x_source.tid=c4b84281-9003-470a-820e-a25f71731c9f&l_pb_bid_id=9ffe5e2193c749&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fframe2%2Fskm-ad-frame2&slots=1&rand=0.4922887633476425
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c4aa4fa2ccc0d3a4efcae63c95f5343d5e0841e86711fcc4bc48506fa89732a1

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=15&alt_size_ids=10&us_privacy=1---&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=7928e066-76a9-463e-af89-7ce88bea635d&eid_adserver.org=7928e066-76a9-463e-af89-7ce88bea635d&rf=https%3A%2F%2Fwww.shefinds.com%2F&kw=beauty%2Ccontests%2Ccoupons%2Cdeals%2Cfashion%2Cgiveaways%2Cnails%2Csales%2Cshopping%2Cweddings&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2F&tg_i.domain=shefinds.com%2Cshefinds.com&tg_i.pvuuid=f7b45e1c-6f9f-4680-aa2b-17488febc95b&tg_i.addir=bh%2F41%2F412%2F412983%2F2498530&tg_i.site=shefinds&tg_i.urlhash=177546&tg_i.ci=front&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=S_11586%2CS_12972%2CS_12973%2CS_4282%2CS_4283%2CS_4289%2CS_4305%2CS_4307%2CS_4700%2CS_6554%2CS_6555%2CS_6651%2CS_6655%2CS_7003%2CS_7075%2CS_8275&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_3005184_PG%2CIAS_3005161_PG%2CIAS_3005111_PG%2CIAS_3008366_PG%2CIAS_3007987_PG%2CIAS_3005069_PG%2CIAS_3006637_PG%2CIAS_3005151_PG%2CIAS_3005175_PG%2CIAS_3008596_PG%2CIAS_3005146_PG%2CIAS_1508023_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-flexrec-1%2Cskm-ad-flexrec-1&tg_i.st=flxrec%2Cflxrec&tg_i.inview=false%2Cfalse&tg_i.loc=4%2C4&tg_i.impuuid=8c1b31ce-430d-4229-9622-f7106767b482%2C8c1b31ce-430d-4229-9622-f7106767b482&tg_i.inst=2%2C2&tg_i.stinst=1%2C1&tg_i.optimera=NULL%2CNULL&tg_i.id=2cf79977-4ac9-11ee-bef5-0ac9557753d3%2C2cf79977-4ac9-11ee-bef5-0ac9557753d3&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.pub=40%2C40&tg_i.vertical=fashion%2Cfashion&tg_i.vertical1=fashion%2Cfashion&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexrec%2Fskm-ad-flexrec-1&tk_flint=pbjs_lite_v7.40.0&x_source.tid=003bc67e-d008-468c-9e8f-a5dbd6140f86&l_pb_bid_id=1001e94b3234fef&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexrec%2Fskm-ad-flexrec-1&slots=1&rand=0.8015757398752588
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
881b22fde3e0c3463368405dc47ef75452941e393a238792b6594d357881749e

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
imp
g2.gumgum.com/hbid/ 		921 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693793840389&to=600&aun=skm-ad-flexbanner&tdid=7928e066-76a9-463e-af89-7ce88bea635d&gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexbanner%2Fskm-ad-flexbanner&fp=0.05&fpc=USD&maxw=970&maxh=250&si=55609&pi=3&bf=728x90%2C970x250%2C970x90&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fshefinds.com&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.12.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-12-53.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2cd6734d1b711e88870ae312c46cd370f548a188eeceed18e64e0aa395a86871

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		921 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693793840390&to=600&aun=skm-ad-flexbanner&tdid=7928e066-76a9-463e-af89-7ce88bea635d&gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexbanner%2Fskm-ad-flexbanner&fp=0.05&fpc=USD&maxw=970&maxh=250&si=55610&pi=3&bf=728x90%2C970x250%2C970x90&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fshefinds.com&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.12.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-12-53.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b8d8491b99fad80d013575d765ac083fff34650d565af6d87e6e698232323c95

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		921 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693793840390&to=600&aun=skm-ad-frame2&tdid=7928e066-76a9-463e-af89-7ce88bea635d&gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fframe2%2Fskm-ad-frame2&fp=0.05&fpc=USD&t=rdkhbc4i&pi=2&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fshefinds.com&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.12.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-12-53.compute-1.amazonaws.com
Software
nginx /
Resource Hash
71a3413564e3b7f97e48ee246da8d44f772d1e65db33310b7db628f90b1a43bb

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		921 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693793840391&to=600&aun=skm-ad-flexrec-1&tdid=7928e066-76a9-463e-af89-7ce88bea635d&gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexrec%2Fskm-ad-flexrec-1&fp=0.05&fpc=USD&maxw=300&maxh=600&si=55603&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fshefinds.com&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.12.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-12-53.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ec1589cc7b416685717b86224f14a24c760d1f214c9849516141611c1646b6c8

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		921 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693793840391&to=600&aun=skm-ad-flexrec-1&tdid=7928e066-76a9-463e-af89-7ce88bea635d&gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexrec%2Fskm-ad-flexrec-1&fp=0.05&fpc=USD&maxw=300&maxh=600&si=55604&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fshefinds.com&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.12.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-12-53.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f9193e6b389c5ad73f4c1711e2387ef82136b76e08c206e2dcc830e1acaf91d4

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=211441
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f00803808e1a373712079bd65cdee2b7941c5b3d6f59a3ef2344255a790934

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4D2ljkYUTKMXo8UOIqD0gySLceLPoXOhuw%2FaH%2F68EN%2FYbMiLWw44o%2B130YIxXm3zhP5XLvv3%2BSE9Q642CCXv4bE8ag1uI3NNeXVhIty0w999Ix2QXEWyEhamkmkPcUfPY9TaMTpY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012bc4efbb0d9e9-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
hb
hb.undertone.com/ 		0
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=1322&domain=shefinds.com&ccpa=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-63.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.shefinds.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
355
x-amz-cf-id
7Ju-JyUhOsWnbbhAVumjvPWx8aAjrWLOIGSvSDBUc7NQMLl6P_-0Ag==
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22abb126d9-18b0-4371-9481-b65a37988dcd%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A1000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1693793840398%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2229413654e3f5886%22%3A%22_v6VdRarHJG%22%2C%22300f202499ba2ab%22%3A%22_ywYyfUetzl%22%7D%2C%22bidSizes%22%3A%7B%2229413654e3f5886%22%3A%5B%5B728%2C90%5D%5D%2C%22300f202499ba2ab%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_v6VdRarHJG%22%7D%2C%22auctionId%22%3A%22f3ece846-07ad-4e05-8d27-d029531bd4f5%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A0%2C%22location%22%3A%22setConfig%22%7D%2C%22userId%22%3A%7B%22tdid%22%3A%227928e066-76a9-463e-af89-7ce88bea635d%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227928e066-76a9-463e-af89-7ce88bea635d%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22divid%22%3A%5B%22skm-ad-frame2%22%5D%2C%22st%22%3A%5B%22frame2%22%5D%2C%22inview%22%3A%5B%22true%22%5D%2C%22close_control%22%3A%5B%22enabled%22%5D%2C%22loc%22%3A%5B%22sticky%22%5D%2C%22impuuid%22%3A%5B%223fb27712-35ee-40e5-ad79-4390fe227434%22%5D%2C%22inst%22%3A%5B%22s1%22%5D%2C%22stinst%22%3A%5B%22s1%22%5D%2C%22optimera%22%3A%5B%22NULL%22%5D%2C%22id%22%3A%5B%222cf79976-4ac9-11ee-bef5-0ac9557753d3%22%5D%2C%22vw%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22grm%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22pub%22%3A%5B%2240%22%5D%2C%22vertical%22%3A%5B%22fashion%22%5D%2C%22vertical1%22%3A%5B%22fashion%22%5D%2C%22pbadslot%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fframe2%2Fskm-ad-frame2%22%7D%2C%22gpid%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fframe2%2Fskm-ad-frame2%22%2C%22tid%22%3A%22c4b84281-9003-470a-820e-a25f71731c9f%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22skm-ad-frame2%22%2C%22transactionId%22%3A%22c4b84281-9003-470a-820e-a25f71731c9f%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2229413654e3f5886%22%2C%22bidderRequestId%22%3A%222802cb44cafb54%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.10000002384185791%2C0%5D%2C%22userId.mod.init%22%3A%5B0.19999998807907104%2C0.2999999523162842%2C0%2C0.19999998807907104%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.19999998807907104%2C0%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.2999999523162842%2C0.19999998807907104%5D%2C%22userId.init.modules%22%3A%5B2.399999976158142%2C0.9000000357627869%5D%2C%22userId.total%22%3A%5B1197.199999988079%2C75.30000001192093%5D%2C%22userId.mod.callback%22%3A%5B76.10000002384186%5D%2C%22userId.mods.identityLink.callback%22%3A%5B76.10000002384186%5D%2C%22userId.callbacks.total%22%3A%5B76.19999998807907%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A0.699999988079071%2C%22requestBids.userId%22%3A0.800000011920929%2C%22requestBids.rtd%22%3A19%2C%22requestBids.validate%22%3A0.5999999642372131%2C%22requestBids.makeRequests%22%3A14.800000011920929%2C%22adapter.client.validate%22%3A0.10000002384185791%2C%22adapters.client.kargo.validate%22%3A0.10000002384185791%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22beauty%2Ccontests%2Ccoupons%2Cdeals%2Cfashion%2Cgiveaways%2Cnails%2Csales%2Cshopping%2Cweddings%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22pvuuid%22%3A%5B%22f7b45e1c-6f9f-4680-aa2b-17488febc95b%22%5D%2C%22addir%22%3A%5B%22bh%2F41%2F412%2F412983%2F2498530%22%5D%2C%22site%22%3A%5B%22shefinds%22%5D%2C%22domain%22%3A%5B%22shefinds.com%22%5D%2C%22urlhash%22%3A%5B%22177546%22%5D%2C%22ci%22%3A%5B%22front%22%5D%2C%22plat%22%3A%5B%22desk%22%5D%2C%22pt%22%3A%5B%22-%22%5D%2C%22schainv10%22%3A%5B%221.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C%22%5D%2C%22browser%22%3A%5B%22Chrome%22%5D%2C%22pageview%22%3A%5B%221%22%5D%2C%22refresh%22%3A%5B%22n%22%5D%2C%22admants%22%3A%5B%22S_11586%22%2C%22S_12972%22%2C%22S_12973%22%2C%22S_4282%22%2C%22S_4283%22%2C%22S_4289%22%2C%22S_4305%22%2C%22S_4307%22%2C%22S_4700%22%2C%22S_6554%22%2C%22S_6555%22%2C%22S_6651%22%2C%22S_6655%22%2C%22S_7003%22%2C%22S_7075%22%2C%22S_8275%22%5D%2C%22adt%22%3A%5B%22veryLow%22%5D%2C%22alc%22%3A%5B%22veryLow%22%5D%2C%22dlm%22%3A%5B%22veryLow%22%5D%2C%22drg%22%3A%5B%22veryLow%22%5D%2C%22hat%22%3A%5B%22veryLow%22%5D%2C%22off%22%3A%5B%22veryLow%22%5D%2C%22vio%22%3A%5B%22veryLow%22%5D%2C%22ias-kw%22%3A%5B%22IAS_3005184_PG%22%2C%22IAS_3005161_PG%22%2C%22IAS_3005111_PG%22%2C%22IAS_3008366_PG%22%2C%22IAS_3007987_PG%22%2C%22IAS_3005069_PG%22%2C%22IAS_3006637_PG%22%2C%22IAS_3005151_PG%22%2C%22IAS_3005175_PG%22%2C%22IAS_3008596_PG%22%2C%22IAS_3005146_PG%22%2C%22IAS_1508023_PG%22%5D%2C%22fr%22%3A%5B%22true%22%5D%2C%22batch%22%3A%5B%221%22%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pmc.com%22%2C%22sid%22%3A%221179161%22%2C%22hp%22%3A1%7D%5D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_ywYyfUetzl%22%7D%2C%22auctionId%22%3A%22f3ece846-07ad-4e05-8d27-d029531bd4f5%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A0%2C%22location%22%3A%22setConfig%22%7D%2C%22userId%22%3A%7B%22tdid%22%3A%227928e066-76a9-463e-af89-7ce88bea635d%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227928e066-76a9-463e-af89-7ce88bea635d%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22divid%22%3A%5B%22skm-ad-flexrec-1%22%5D%2C%22st%22%3A%5B%22flxrec%22%5D%2C%22inview%22%3A%5B%22false%22%5D%2C%22loc%22%3A%5B%224%22%5D%2C%22impuuid%22%3A%5B%228c1b31ce-430d-4229-9622-f7106767b482%22%5D%2C%22inst%22%3A%5B%222%22%5D%2C%22stinst%22%3A%5B%221%22%5D%2C%22optimera%22%3A%5B%22NULL%22%5D%2C%22id%22%3A%5B%222cf79977-4ac9-11ee-bef5-0ac9557753d3%22%5D%2C%22vw%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22grm%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22pub%22%3A%5B%2240%22%5D%2C%22vertical%22%3A%5B%22fashion%22%5D%2C%22vertical1%22%3A%5B%22fashion%22%5D%2C%22pbadslot%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexrec%2Fskm-ad-flexrec-1%22%7D%2C%22gpid%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexrec%2Fskm-ad-flexrec-1%22%2C%22tid%22%3A%22003bc67e-d008-468c-9e8f-a5dbd6140f86%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22skm-ad-flexrec-1%22%2C%22transactionId%22%3A%22003bc67e-d008-468c-9e8f-a5dbd6140f86%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%22300f202499ba2ab%22%2C%22bidderRequestId%22%3A%222802cb44cafb54%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.10000002384185791%2C0%5D%2C%22userId.mod.init%22%3A%5B0.19999998807907104%2C0.2999999523162842%2C0%2C0.19999998807907104%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.19999998807907104%2C0%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.2999999523162842%2C0.19999998807907104%5D%2C%22userId.init.modules%22%3A%5B2.399999976158142%2C0.9000000357627869%5D%2C%22userId.total%22%3A%5B1197.199999988079%2C75.30000001192093%5D%2C%22userId.mod.callback%22%3A%5B76.10000002384186%5D%2C%22userId.mods.identityLink.callback%22%3A%5B76.10000002384186%5D%2C%22userId.callbacks.total%22%3A%5B76.19999998807907%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A0.699999988079071%2C%22requestBids.userId%22%3A0.800000011920929%2C%22requestBids.rtd%22%3A19%2C%22requestBids.validate%22%3A0.5999999642372131%2C%22requestBids.makeRequests%22%3A14.800000011920929%2C%22adapter.client.validate%22%3A0.10000002384185791%2C%22adapters.client.kargo.validate%22%3A0.10000002384185791%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22beauty%2Ccontests%2Ccoupons%2Cdeals%2Cfashion%2Cgiveaways%2Cnails%2Csales%2Cshopping%2Cweddings%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22pvuuid%22%3A%5B%22f7b45e1c-6f9f-4680-aa2b-17488febc95b%22%5D%2C%22addir%22%3A%5B%22bh%2F41%2F412%2F412983%2F2498530%22%5D%2C%22site%22%3A%5B%22shefinds%22%5D%2C%22domain%22%3A%5B%22shefinds.com%22%5D%2C%22urlhash%22%3A%5B%22177546%22%5D%2C%22ci%22%3A%5B%22front%22%5D%2C%22plat%22%3A%5B%22desk%22%5D%2C%22pt%22%3A%5B%22-%22%5D%2C%22schainv10%22%3A%5B%221.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C%22%5D%2C%22browser%22%3A%5B%22Chrome%22%5D%2C%22pageview%22%3A%5B%221%22%5D%2C%22refresh%22%3A%5B%22n%22%5D%2C%22admants%22%3A%5B%22S_11586%22%2C%22S_12972%22%2C%22S_12973%22%2C%22S_4282%22%2C%22S_4283%22%2C%22S_4289%22%2C%22S_4305%22%2C%22S_4307%22%2C%22S_4700%22%2C%22S_6554%22%2C%22S_6555%22%2C%22S_6651%22%2C%22S_6655%22%2C%22S_7003%22%2C%22S_7075%22%2C%22S_8275%22%5D%2C%22adt%22%3A%5B%22veryLow%22%5D%2C%22alc%22%3A%5B%22veryLow%22%5D%2C%22dlm%22%3A%5B%22veryLow%22%5D%2C%22drg%22%3A%5B%22veryLow%22%5D%2C%22hat%22%3A%5B%22veryLow%22%5D%2C%22off%22%3A%5B%22veryLow%22%5D%2C%22vio%22%3A%5B%22veryLow%22%5D%2C%22ias-kw%22%3A%5B%22IAS_3005184_PG%22%2C%22IAS_3005161_PG%22%2C%22IAS_3005111_PG%22%2C%22IAS_3008366_PG%22%2C%22IAS_3007987_PG%22%2C%22IAS_3005069_PG%22%2C%22IAS_3006637_PG%22%2C%22IAS_3005151_PG%22%2C%22IAS_3005175_PG%22%2C%22IAS_3008596_PG%22%2C%22IAS_3005146_PG%22%2C%22IAS_1508023_PG%22%5D%2C%22fr%22%3A%5B%22true%22%5D%2C%22batch%22%3A%5B%221%22%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pmc.com%22%2C%22sid%22%3A%221179161%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22prebidVersion%22%3A%227.40.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%2C%22tdID%22%3A%227928e066-76a9-463e-af89-7ce88bea635d%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.shefinds.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.112.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-112-232.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:20 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Nbr
505
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_728x90_desktop&cmd=bid&pvuuid=f7b45e1c-6f9f-4680-aa2b-17488febc95b&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=177546&ci=front&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_11586%2CS_12972%2CS_12973%2CS_4282%2CS_4283%2CS_4289%2CS_4305%2CS_4307%2CS_4700%2CS_6554%2CS_6555%2CS_6651%2CS_6655%2CS_7003%2CS_7075%2CS_8275&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_3005184_PG%2CIAS_3005161_PG%2CIAS_3005111_PG%2CIAS_3008366_PG%2CIAS_3007987_PG%2CIAS_3005069_PG%2CIAS_3006637_PG%2CIAS_3005151_PG%2CIAS_3005175_PG%2CIAS_3008596_PG%2CIAS_3005146_PG%2CIAS_1508023_PG&fr=true&divid=skm-ad-flexbanner&st=flxban&inview=false&loc=3&impuuid=3c0b96ad-4457-4003-87dd-a17c02305757&inst=1&stinst=1&optimera=NULL&id=2cf79975-4ac9-11ee-bef5-0ac9557753d3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=fashion&vertical1=fashion&eidadserver.org=7928e066-76a9-463e-af89-7ce88bea635d&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
8079aac05b64e3fceb9ed1927812b4b1883dfe0ac38f36f03ebc3fa1a609b767

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
3115
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_970x250_desktop&cmd=bid&pvuuid=f7b45e1c-6f9f-4680-aa2b-17488febc95b&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=177546&ci=front&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_11586%2CS_12972%2CS_12973%2CS_4282%2CS_4283%2CS_4289%2CS_4305%2CS_4307%2CS_4700%2CS_6554%2CS_6555%2CS_6651%2CS_6655%2CS_7003%2CS_7075%2CS_8275&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_3005184_PG%2CIAS_3005161_PG%2CIAS_3005111_PG%2CIAS_3008366_PG%2CIAS_3007987_PG%2CIAS_3005069_PG%2CIAS_3006637_PG%2CIAS_3005151_PG%2CIAS_3005175_PG%2CIAS_3008596_PG%2CIAS_3005146_PG%2CIAS_1508023_PG&fr=true&divid=skm-ad-flexbanner&st=flxban&inview=false&loc=3&impuuid=3c0b96ad-4457-4003-87dd-a17c02305757&inst=1&stinst=1&optimera=NULL&id=2cf79975-4ac9-11ee-bef5-0ac9557753d3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=fashion&vertical1=fashion&eidadserver.org=7928e066-76a9-463e-af89-7ce88bea635d&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
919d6302cf2d1ea3b314d0e0c8dfcbf8522d939c56386fd03d233385453016c9

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
3075
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_728x90_desktop&cmd=bid&pvuuid=f7b45e1c-6f9f-4680-aa2b-17488febc95b&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=177546&ci=front&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_11586%2CS_12972%2CS_12973%2CS_4282%2CS_4283%2CS_4289%2CS_4305%2CS_4307%2CS_4700%2CS_6554%2CS_6555%2CS_6651%2CS_6655%2CS_7003%2CS_7075%2CS_8275&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_3005184_PG%2CIAS_3005161_PG%2CIAS_3005111_PG%2CIAS_3008366_PG%2CIAS_3007987_PG%2CIAS_3005069_PG%2CIAS_3006637_PG%2CIAS_3005151_PG%2CIAS_3005175_PG%2CIAS_3008596_PG%2CIAS_3005146_PG%2CIAS_1508023_PG&fr=true&divid=skm-ad-frame2&st=frame2&inview=true&close_control=enabled&loc=sticky&impuuid=3fb27712-35ee-40e5-ad79-4390fe227434&inst=s1&stinst=s1&optimera=NULL&id=2cf79976-4ac9-11ee-bef5-0ac9557753d3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=fashion&vertical1=fashion&eidadserver.org=7928e066-76a9-463e-af89-7ce88bea635d&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
68d3b398ff73de089a841115251275f354fabe24d9c9750dbd7fb5e2995a5da0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
3165
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_300x250_desktop&cmd=bid&pvuuid=f7b45e1c-6f9f-4680-aa2b-17488febc95b&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=177546&ci=front&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_11586%2CS_12972%2CS_12973%2CS_4282%2CS_4283%2CS_4289%2CS_4305%2CS_4307%2CS_4700%2CS_6554%2CS_6555%2CS_6651%2CS_6655%2CS_7003%2CS_7075%2CS_8275&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_3005184_PG%2CIAS_3005161_PG%2CIAS_3005111_PG%2CIAS_3008366_PG%2CIAS_3007987_PG%2CIAS_3005069_PG%2CIAS_3006637_PG%2CIAS_3005151_PG%2CIAS_3005175_PG%2CIAS_3008596_PG%2CIAS_3005146_PG%2CIAS_1508023_PG&fr=true&divid=skm-ad-flexrec-1&st=flxrec&inview=false&loc=4&impuuid=8c1b31ce-430d-4229-9622-f7106767b482&inst=2&stinst=1&optimera=NULL&id=2cf79977-4ac9-11ee-bef5-0ac9557753d3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=fashion&vertical1=fashion&eidadserver.org=7928e066-76a9-463e-af89-7ce88bea635d&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
aff06b6ec4bffd9aebc190af0ce7b5398345a2cd7df2bf7772e3fdd51e2d8d1a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
3112
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_300x600_desktop&cmd=bid&pvuuid=f7b45e1c-6f9f-4680-aa2b-17488febc95b&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=177546&ci=front&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_11586%2CS_12972%2CS_12973%2CS_4282%2CS_4283%2CS_4289%2CS_4305%2CS_4307%2CS_4700%2CS_6554%2CS_6555%2CS_6651%2CS_6655%2CS_7003%2CS_7075%2CS_8275&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_3005184_PG%2CIAS_3005161_PG%2CIAS_3005111_PG%2CIAS_3008366_PG%2CIAS_3007987_PG%2CIAS_3005069_PG%2CIAS_3006637_PG%2CIAS_3005151_PG%2CIAS_3005175_PG%2CIAS_3008596_PG%2CIAS_3005146_PG%2CIAS_1508023_PG&fr=true&divid=skm-ad-flexrec-1&st=flxrec&inview=false&loc=4&impuuid=8c1b31ce-430d-4229-9622-f7106767b482&inst=2&stinst=1&optimera=NULL&id=2cf79977-4ac9-11ee-bef5-0ac9557753d3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=fashion&vertical1=fashion&eidadserver.org=7928e066-76a9-463e-af89-7ce88bea635d&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
f246699e0fe6c4060af41310ef3616b4185c8c819ba4f91588776063205ba75b

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
bid
s.seedtag.com/c/hb/ 		87 B
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
15956c0a2d4731c70792f145ac91f4e53c8012f06f67ab0bfce1cc1cbd842f6f

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
via
1.1 google
server
openresty
etag
W/"57-tKKIaF0kl0lrmhuF6yhIoncO5no"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ 		19 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
an-x-request-uuid
31e50edc-f427-4ae8-a1c5-7a61d7dbd646
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.40.0&referrer=https%3A%2F%2Fwww.shefinds.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.232.59.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-59-64.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		1001 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
626f53e80c5230442daf520875519d7ee61c71726705e60e124b9e3b12006bae

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
127
content-length
486
cdb
bidder.criteo.com/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.40.0&cb=19934910546&lsavail=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:17:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		24 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
9f9d037794af2cbf8d8d010fd3420933bdddc45ede8028ddc13a357c074c5593

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:17:20 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
shemedia
direct.adsrvr.org/bid/bidder/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/shemedia
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.104.103.253 Billerica, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-104-103-253.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 04 Sep 2023 02:32:20 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 11:35:10 GMT
content-encoding
gzip
via
1.1 c7947fe0c635bc68b2cbc2a30738872c.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:15 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
52931
x-amz-server-side-encryption
AES256
etag
W/"560498a44e7d42477433425cdafd6a16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
KZq86BNdwWsnu0rI27rfr9Uf-ThNtNPYjwVYa70aOR7Y0-5p_jHseg==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.shefinds.com%2F&ref=&_it=amazon&partner_id=458
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
553
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8012bc4f9dc5288a-MIA
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		118 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
1D0GD6VQX3NVXQ48
age
187
etag
W/"7799d2904b6b2427a4713f4da8b71602"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8012bc4f7a746da7-MIA
x-amz-id-2
EqOrwWwydSqoW8uBvrxa6+GQ/qFfb9wQmiQ3ivXnYYuSGUdse2WLBfX96KrCu3Re+To946FSa2I5006tqFa2Ng==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
395927eda8e152ba4518536930ad88d5472fdccd9323093f3998a968810d0ce7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:17:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
usermatch
ssum-sec.casalemedia.com/ Frame AFDA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_conse...
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
3909e7928f53c8d05698c8088d9c8a99fc7e663288698828ff7d47d827335fb8

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
2018
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:20 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 04 Sep 2023 02:17:20 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
hadron.json
id.hadron.ad.gt/v1/ 		97 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=458&sync=0&domain=www.shefinds.com&url=https://www.shefinds.com/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ced3bd2fb17d2d1f747d00f8418838e3a039f94d250e8dd7ccab5d456c2832f

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
8012bc50d8c30329-MIA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=458&sync=0&domain=www.shefinds.com&url=https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8012bc5068270329-MIA
content-length
0
content-type
application/json
date
Mon, 04 Sep 2023 02:17:20 GMT
debug
OPTIONS block
expires
Tue, 03 Sep 2024 02:17:20 GMT
server
cloudflare
segment
api.permutive.com/adv/v2/ 		14 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:20 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
map
bcp.crwdcntrl.net/6/ 		156 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.22.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-22-13.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
bacf10be287484639ef5ecf34abfb3bebeb79dcdba797a5339d59428d2ff14be

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
x-server
10.40.40.173
access-control-allow-credentials
true
content-length
156
expires
0
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=Microdata&dl=https%3A%2F%2Fwww.shefinds.com%2F&rl=&if=false&ts=1693793840711&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds%22%2C%22meta%3Adescription%22%3A%22We%20help%20busy%20women%20find%20the%20things%20they%20need%20to%20enjoy%20their%20life.%22%2C%22meta%3Akeywords%22%3A%22lifestyle%2Cshop%2Cskinnyfit%2Csponsored-2%2Csupplements%2Cvitamins%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fshefinds.com%22%2C%22og%3Adescription%22%3A%22We%20help%20busy%20women%20find%20the%20things%20they%20need%20to%20enjoy%20their%20life%2C%20from%20sales%20and%20deals%20to%20shopping%20tips%2C%20beauty%20reviews%2C%20life%20hacks%20and%20health%20advice.%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Asite_name%22%3A%22SheFinds%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Ffiles%2F2023%2F08%2FSF_Affiliate_She-Finds_Labor-Day-Sale.jpg%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22article%3Apublished_time%22%3A%222023-09-01T09%3A00%3A18-04%3A00%22%2C%22article%3Aauthor%22%3A%22victoria%20garcia%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22SHEfinds%22%2C%22url%22%3A%22https%3A%2F%2Fwww.shefinds.com%22%7D%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=2&o=30&fbp=fb.1.1693793839435.1043375870&it=1693793839304&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:17:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
iu3
s.amazon-adsystem.com/ Frame E687 		426 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
617b56ef335b0df162839e835c45e260ee2b129984b49f4198e3826d59ff0075
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
426
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
C945GPPX67T4WDSKFQZX
458
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/458?_it=amazon
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd86068daf47b13260c5f4ff5bab4ef24d84c6f8b2ef09dce47993196e396e2c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:13:21 GMT
server
cloudflare
age
239
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8012bc51cd5eb3c1-MIA
usermatchredir
ssum-sec.casalemedia.com/ Frame AFDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKLiUwK6vRw2Fl8PBNwdgc0&google_cver=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKLiUwK6vRw2Fl8PBNwdgc0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKLiUwK6vRw2Fl8PBNwdgc0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame AFDA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GFKGJZZ2YAQE5RCWEEH7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AFDA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?us_privacy=1---&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPU.MAL8NXL8cEAE-8TFkQAA
  • https://cm.g.doubleclick.net/pixel?us_privacy=1---&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZPU.MAL8NXL8cEAE-8TFkQAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJqsDOAkWf1HZ96lu-Qs8CU&google_cver=1&google_hm=2
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJqsDOAkWf1HZ96lu-Qs8CU&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJqsDOAkWf1HZ96lu-Qs8CU&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AFDA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale?us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d&expiration=1696385840&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d&expiration=1696385840&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d&expiration=1696385840&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum.casalemedia.com/ Frame AFDA
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e&us_privacy=1---
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b56d40b5-7773-1242-2f6aa0d4
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b56d40b5-7773-1242-2f6aa0d4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:20 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b56d40b5-7773-1242-2f6aa0d4
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
user-registering
ads.stickyadstv.com/ Frame AFDA 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.98.139.150 Chicago, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693793841013077-629
rum
dsum-sec.casalemedia.com/ Frame AFDA
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=wh2QmcdMxZzZGsCVkhHbzcYRlJXZT5PNxU2SXYpG
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=wh2QmcdMxZzZGsCVkhHbzcYRlJXZT5PNxU2SXYpG
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=wh2QmcdMxZzZGsCVkhHbzcYRlJXZT5PNxU2SXYpG
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AFDA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3547929380008100760&expiration=1695003441
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3547929380008100760&expiration=1695003441
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3547929380008100760&expiration=1695003441
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
setuid
prebid-server.rubiconproject.com/ Frame AFDA 		0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?gpp=&gpp_sid=&gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:17:21 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:246d:ee00:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
Date
Sun, 03 Sep 2023 09:10:39 GMT
Via
1.1 f007258ce231469b540a52bf4714369a.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PIT50-P2
Age
61603
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
8moYP5w8ZwMLY8Dr8CsDx3F1Ci2y0J9gt8D-2EDvc4SWSwe0qivU6Q==
ads
securepubads.g.doubleclick.net/gampad/ 		334 KB
74 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1810965812199201&correlator=657112879144345&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=8352%3A1017293%2Ca.shefinds%2Cfashion&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%2C1x1&ifi=1&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1693793840972&lmt=1693827032&adxs=441%2C-12245933%2C962%2C0&adys=1654%2C-12245933%2C2381%2C6293&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C2%7C3&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shefinds.com%2F&vis=1&psz=960x250%7C1600x-1%7C336x600%7C1600x1200&msz=970x250%7C0x-1%7C336x600%7C1600x0&fws=0%2C640%2C512%2C0&ohw=0%2C0%2C0%2C0&ga_vid=1910143410.1693793839&ga_sid=1693793841&ga_hid=258654665&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyN7r76UxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMje6--lMUgAUgIIZA..&dlt=1693793838472&idt=1874&ppid=df2469eb-d7dd-4959-a9af-da995344024c&prev_scp=divid%3Dskm-ad-flexbanner%26st%3Dflxban%26inview%3Dfalse%26loc%3D3%26impuuid%3D3c0b96ad-4457-4003-87dd-a17c02305757%26inst%3D1%26stinst%3D1%26optimera%3DZ%2CY.YY%26id%3D2cf79975-4ac9-11ee-bef5-0ac9557753d3%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%26amzniid%3D%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26boom_cpm%3D0.09%26boom_winner%3Donemobile%26boom_size%3D728x90%7Cdivid%3Dskm-ad-frame2%26st%3Dframe2%26inview%3Dtrue%26close_control%3Denabled%26loc%3Dsticky%26impuuid%3D3fb27712-35ee-40e5-ad79-4390fe227434%26inst%3Ds1%26stinst%3Ds1%26optimera%3DZ%2C0.30%26id%3D2cf79976-4ac9-11ee-bef5-0ac9557753d3%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%26amzniid%3DJAM_cW8zA9bGFtgjiLVxmjkAAAGKXfrulQEAAAxZAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBtnGrq%26amznp%3D8iyubk%26amznsz%3D728x90%26amznbid%3Do7bwg0%26boom_cpm%3D0.09%26boom_winner%3Donemobile%26boom_size%3D728x90%7Cdivid%3Dskm-ad-flexrec-1%26st%3Dflxrec%26inview%3Dfalse%26loc%3D4%26impuuid%3D8c1b31ce-430d-4229-9622-f7106767b482%26inst%3D2%26stinst%3D1%26optimera%3DZ%2C0.26%26id%3D2cf79977-4ac9-11ee-bef5-0ac9557753d3%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%26amzniid%3D%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26boom_cpm%3D0.09%26boom_winner%3Donemobile%26boom_size%3D300x250%7Coop%3Dcontent-belt-2%26divid%3Dskm-ad-outstream-test%26st%3Dinlineoop%26inview%3Dtrue%26loc%3D8%26impuuid%3D31de8552-016c-4a54-8ede-680a1616eba9%26inst%3D3%26stinst%3D1%26optimera%3DNULL%26id%3D2cf79978-4ac9-11ee-bef5-0ac9557753d3%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40&cust_params=permutive%3D%26puid%3De463507a-8e46-46e3-900a-c55cf86d3648%26ptime%3D1693793840355%26prmtvsdk%3Dweb%26pvuuid%3Df7b45e1c-6f9f-4680-aa2b-17488febc95b%26addir%3Dbh%252F41%252F412%252F412983%252F2498530%26site%3Dshefinds%26domain%3Dshefinds.com%26urlhash%3D177546%26ci%3Dfront%26plat%3Ddesk%26pt%3D-%26schainv10%3D1.0%252C1!pmc.com%252C1179161%252C1%252C%252C%252C%26browser%3DChrome%26pageview%3D1%26refresh%3Dn%26admants%3DS_11586%252CS_12972%252CS_12973%252CS_4282%252CS_4283%252CS_4289%252CS_4305%252CS_4307%252CS_4700%252CS_6554%252CS_6555%252CS_6651%252CS_6655%252CS_7003%252CS_7075%252CS_8275%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005184_PG%252CIAS_3005161_PG%252CIAS_3005111_PG%252CIAS_3008366_PG%252CIAS_3007987_PG%252CIAS_3005069_PG%252CIAS_3006637_PG%252CIAS_3005151_PG%252CIAS_3005175_PG%252CIAS_3008596_PG%252CIAS_3005146_PG%252CIAS_1508023_PG%26fr%3Dtrue%26batch%3D1%26boom_session%3D74313c62fa7876&adks=1148552461%2C2658108955%2C4254832949%2C3131419738&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5f56205efa5856e2a0ccdd5b0f989f7f12a45daf61347d5238be6ed0e2fc39e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75776
x-xss-protection
0
google-lineitem-id
-1,5064405287,-1,5075857870
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138308429211,-1,138338077981
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD4F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:17:21 GMT
expires
Tue, 03 Sep 2024 02:17:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
458
p.ad.gt/api/v1/p/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/458
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/458?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377e9d224c6589e935c30e4452bbf7b6fb63dcb3f6ef11b6aeaa60a13880be08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:14:54 GMT
server
cloudflare
age
147
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8012bc52d8f1daa3-MIA
halo_match
ids.ad.gt/api/v1/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&halo_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoj021oew0sgmo0myimek0mgy4y
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001693793841-FI5KD5ET-NTNO%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&adnxs_id=4011881537103642354&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&adnxs_id=4011881537103642354&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
an-x-request-uuid
b6a5a33b-61fd-4a39-bcc3-ec6a8d9427e1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&adnxs_id=4011881537103642354&gdpr=0
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001693793841-FI5KD5ET-NTNO&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=7928e066-76a9-463e-af89-7ce88bea635d&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=7928e066-76a9-463e-af89-7ce88bea635d&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=7928e066-76a9-463e-af89-7ce88bea635d&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001693793841-FI5KD5ET-NTNO
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001693793841-FI5KD5ET-NTNO
  • https://ids.ad.gt/api/v1/pbm_match?pbm=546B0175-D6AA-46B9-A0AD-C2A930BF5276&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=546B0175-D6AA-46B9-A0AD-C2A930BF5276&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=546B0175-D6AA-46B9-A0AD-C2A930BF5276&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
date
Mon, 04 Sep 2023 02:17:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rub_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001693793841-FI5KD5ET-NTNO&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&rub=LM494BTJ-1P-8OPA&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&rub=LM494BTJ-1P-8OPA&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&rub=LM494BTJ-1P-8OPA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001693793841-FI5KD5ET-NTNO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001693793841...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001693793841-FI5KD5ET-NTNO&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001693...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7928e066-76a9-463e-af89-7ce88bea635d&ttd_puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&tapad_id=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&tapad_id=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&tapad_id=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001693793841-FI5KD5ET-NTNO&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&google_gid=CAESELLoPY9fw-eN3etguzwUmVc&google_cver=1&google_ula=450542624,0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&google_gid=CAESELLoPY9fw-eN3etguzwUmVc&google_cver=1&google_ula=450542624,0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&google_gid=CAESELLoPY9fw-eN3etguzwUmVc&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g_hosted
ids.ad.gt/api/v1/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001693793841-FI5KD5ET-NTNO
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001693793841-FI5KD5ET-NTNO%26sas_uid%3D%5bsas_uid%5d&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&sas_uid=[sas_uid]&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&sas_uid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Server
216.22.16.8 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
amo_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001693793841-FI5KD5ET-NTNO
  • https://ids.ad.gt/api/v1/amo_match?turn_id=8528246354618352674&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/amo_match?turn_id=8528246354618352674&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

location
https://ids.ad.gt/api/v1/amo_match?turn_id=8528246354618352674&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
son_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&uid=6275276a-1c31-4f7d-a3ea-7cf382941856&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&uid=6275276a-1c31-4f7d-a3ea-7cf382941856&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-192
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&uid=6275276a-1c31-4f7d-a3ea-7cf382941856&gdpr=0
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
v2
id5-sync.com/gm/ 		635 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
16c36663f97514a647d59389aac6d982fef302ff56d4d1ea9df1bda9440909f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
pr
s.amazon-adsystem.com/v3/ Frame C8FC 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5fc4be89c520fa1ff537e90cd96b13dcca942a99f71c0c82fdaac28019dd9d11
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
5611
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1CZRVXN82S09H191DWFT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:21:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
3367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Sep 2023 02:21:14 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:03:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Sep 2023 03:03:28 GMT
collect
a.ad.gt/api/v1/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
cf-ray
8012bc538a29030a-MIA
getpixels
pixels.ad.gt/api/v1/ 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=d94938ac49dd7484ea18491fd211d7e8&url=https%3A%2F%2Fwww.shefinds.com%2F&code=%27none%27
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc53db21336a-MIA
content-type
text/html; charset=utf-8
sync
ads.yieldmo.com/v000/ Frame C8FC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1693793841383
  • https://ad.turn.com/r/cs?pid=45&rndcb=2435467036
  • https://sync.1rx.io/usersync/turn/7671167391070426394?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-a8ae4ae0-6744-40a6-89da-320e02e0e3...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
43 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.197.26.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-26-74.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:22 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
Date
Mon, 04 Sep 2023 02:17:21 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RXa8ae4ae0674440a689da320e02e0e33f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
ecm3
s.amazon-adsystem.com/ Frame C8FC
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3367954411524422000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3367954411524422000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A79DSMN6FHXM2772SZMF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3367954411524422000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 04 Sep 2023 02:17:21 GMT
ecm3
s.amazon-adsystem.com/ Frame C8FC
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=818970230e
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=818970230e
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1DNVGMDWV5YA53QMZV9X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:17:02 GMT
via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
age
19
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=818970230e
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
hrAYe80Q7VeWjBmN_bA62oRi1958KXxcfJ7sTxM-tFlWR-bTKnyqpQ==
/
onetag-sys.com/match/ Frame C8FC 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame C8FC
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=141417E546E040B6AD3962250CFD9CC1&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=141417E546E040B6AD3962250CFD9CC1&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NBW37FARV63WF4WDK6TS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=141417E546E040B6AD3962250CFD9CC1&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Sep 2023 02:17:21 GMT
amzns2s
rtb.gumgum.com/usync/ Frame A00E 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.203.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-203-164.compute-1.amazonaws.com
Software
nginx /
Resource Hash
30be9e5b31be3e8d8511202f60a2f6114125e1e1f5df605f06ddb2c0f2ede699

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 04 Sep 2023 02:17:21 GMT
etag
W/"015893c506bc69b23f012906199e7a2fa"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame E6EF 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
5d6d6e361ea298783bf73674c04fc4031157940eec9e8033e784810dcd310327

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1650
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync-iframe
cs-tam.minutemedia-prebid.com/ Frame 8E9F 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:3600:17:c484:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
857232916c342d27e46f6f6ef2c5094ebbec6f78ea57f416a803557cecf360be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-tam.minutemedia-prebid.com
content-type
text/html
date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
via
1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront)
x-amz-cf-id
l2erKbZnjbBRUfS962iQOSOlthnn5Dy5U1h03v54MxCwgq1j5t1y2g==
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
syncb
sync.bfmio.com/ Frame BEC1 		955 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/syncb?pid=137
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.99.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-99-201.compute-1.amazonaws.com
Software
/
Resource Hash
0622a6091ea7ba42d0c58b9c704410c1eab10052e8c818e2e62a6cedeb00fe67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
955
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:21 GMT
e1edfb9aa2a9066a203a7fce17c3a388.gif
cs.admanmedia.com/ Frame 99F2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/e1edfb9aa2a9066a203a7fce17c3a388.gif?puid=[UID]&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dacuity.com%26id%3D%5BUID%5D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
cm
u.openx.net/w/1.0/ Frame DDE4
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
bc9fc5baf2288fa612673bdbb57268f705d5e3d2dedb0509089e6858fc10b136

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
398
content-type
text/html
date
Mon, 04 Sep 2023 02:17:21 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 04 Sep 2023 02:17:21 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame D796
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1869577055167662355&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1869577055167662355&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
34CD35J1GC2C4BEYN8EE

Redirect headers

content-length
0
date
Mon, 04 Sep 2023 02:17:20 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1869577055167662355&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 73E1
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=5f5dbf9f869d04a9&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACeGicS2fGjQN2YiKtAAAAAAA&expiration=1693880241&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACeGicS2fGjQN2YiKtAAAAAAA&expiration=1693880241&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9JX1JS5ZGSN6BBAPSCYT

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Mon, 04 Sep 2023 02:17:21 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACeGicS2fGjQN2YiKtAAAAAAA&expiration=1693880241&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
usersync.html
cdn.undertone.com/js/ Frame F05C 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ee00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68109
content-encoding
gzip
content-type
text/html
date
Sun, 03 Sep 2023 07:22:13 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
x-amz-cf-id
X608nnF4s_zk1XQjqfZqzIsaWezasI3QNpNHssKcvSisFKN3Ed9KWA==
x-amz-cf-pop
JFK50-P6
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8F0F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102122
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:21 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 87F4 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.45.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-45-118.compute-1.amazonaws.com
Software
/
Resource Hash
94085fa1f31e00d176236ebadfa2858f58fd104fbb32aa43e252347511c47641

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 04 Sep 2023 02:17:21 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame D89D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:21 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame FE86
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
aee504b4792486b45560f2797f6dca35dd3ccde72ab406bcf564766b07fb4bd9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-cdb79dd64-xr7bc
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-cdb79dd64-xr7bc
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame AA26
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1oWUVranJCRTJ1SmZraVJYUm9Cb05mb3dOVFB3U1hwSH5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1oWUVranJCRTJ1SmZraVJYUm9Cb05mb3dOVFB3U1hwSH5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8XWCZ4B86QN2C94K8ZNC

Redirect headers

age
0
content-length
0
date
Mon, 04 Sep 2023 02:17:21 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1oWUVranJCRTJ1SmZraVJYUm9Cb05mb3dOVFB3U1hwSH5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.75
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame 4BB6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=4011881537103642354&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=4011881537103642354&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
71WWHNPQ6PJ220CV61NG

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
11a59213-2275-4e65-a616-82fd27cae579
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:21 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=4011881537103642354&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame AB25
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2e00b4f33ea4732cd0544a947768442d96c23d6cad0d20b26a0c3d7c7359d845

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
498
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 259D 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f2aecf20364a85727f8f54a277dd85b07da86dfe3e138fd8474181acf2a10c35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
x-envoy-upstream-service-time
4
ecm3
s.amazon-adsystem.com/ Frame F01C
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3934349205523529802736
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3934349205523529802736
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
MWXZ1CH5W4JWYXY57JF2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:17:21 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3934349205523529802736
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
syncframe
gum.criteo.com/ Frame 41FB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.shefinds.com&us_privacy=1---
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:17:21 GMT
server
Kestrel
server-processing-duration-in-ticks
294133
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usermatchredir
ssum-sec.casalemedia.com/ Frame E6EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E6EF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPU.MAL8NXL8cEAE-8TFkQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJqsDOAkWf1HZ96lu-Qs8CU&google_cver=1&google_hm=2
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJqsDOAkWf1HZ96lu-Qs8CU&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJqsDOAkWf1HZ96lu-Qs8CU&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E6EF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z3Z8Z6M099EXQD5NBY4N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E6EF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d&expiration=1696385841&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d&expiration=1696385841&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d&expiration=1696385841&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame E6EF
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C0079F51A67C45978E5DF77E05DE4DD6
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C0079F51A67C45978E5DF77E05DE4DD6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C0079F51A67C45978E5DF77E05DE4DD6
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Sep 2023 02:17:21 GMT
rum
dsum.casalemedia.com/ Frame E6EF
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3516034f14b304a9&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAACqLm9CWEgvgNvBoZ3AAAAAAA&expiration=1693880241&is_secure=true
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAACqLm9CWEgvgNvBoZ3AAAAAAA&expiration=1693880241&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAACqLm9CWEgvgNvBoZ3AAAAAAA&expiration=1693880241&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame E6EF
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=38aa4246-e467-4cc5-9f7c-952976286688&expiration=1725416241
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=38aa4246-e467-4cc5-9f7c-952976286688&expiration=1725416241
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=38aa4246-e467-4cc5-9f7c-952976286688&expiration=1725416241
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame E6EF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7671167391070426394
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7671167391070426394
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7671167391070426394
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame E6EF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FW0JSYJRR0NB97EH72YF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbs.gif
sync.colossusssp.com/ 		0
0
ecm3
s.amazon-adsystem.com/ Frame DDE4 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=a43cfe94-5c60-8b68-8f40-ebed2888e460
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J7WYXH8RSXQEF9DZDJKB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
682de4ad-d066-a2db-7e99-7f8fbfece2c9
pr-bh.ybp.yahoo.com/sync/openx/ Frame DDE4 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/682de4ad-d066-a2db-7e99-7f8fbfece2c9?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:92c5:57a0:36d6:5a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame DDE4 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=a43cfe94-5c60-8b68-8f40-ebed2888e460
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4V4R1DMZXNW2JC4EX4GD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DDE4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=fcea82e9-40ca-3092-4f4e-697a40bb2f80&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7928e066-76a9-463e-af89-7ce88bea635d&ttd_puid=fcea82e9-40ca-3092-4f4e-697a40bb2f80&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7928e066-76a9-463e-af89-7ce88bea635d&ttd_puid=fcea82e9-40ca-3092-4f4e-697a40bb2f80&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7928e066-76a9-463e-af89-7ce88bea635d&ttd_puid=fcea82e9-40ca-3092-4f4e-697a40bb2f80&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame DDE4 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDA4NTUxMjMtODliZC02ZTM2LTVhYWUtMzNjMzhhNTllMWUw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DDE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOxrBZt74oeY9DAT_YDu4EM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOxrBZt74oeY9DAT_YDu4EM&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOxrBZt74oeY9DAT_YDu4EM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame A00E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4011881537103642354
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4011881537103642354
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
an-x-request-uuid
bc8478da-a3e5-4da1-8ae4-e64fc4079b0d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A00E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=&gdpr_consent=&us_privacy=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=3a2d6f47-f20d-4033-9be9-629d68a3e87f&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=Vzv7yYIb7id9re8oU3B80
  • https://usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:17:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame A00E
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&obuid=ENC(313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3D313dKssAclANv5-C39Ri4...
  • https://sync.outbrain.com/cookie-sync?p=criteo&uid=6b3993bb-7262-427d-8897-2ad913a7b869&obUid=313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSN...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=6b3993bb-7262-427d-8897-2ad913a7b869&obUid=313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&platformId=GUMGU18H7EL9NI653I7DPEH51&initiator=platform
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:22 GMT
Cache-Control
no-cache
X-TraceId
597aa967d4de77504f917176a503213a
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:22 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.outbrain.com/cookie-sync?p=criteo&uid=6b3993bb-7262-427d-8897-2ad913a7b869&obUid=313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&platformId=GUMGU18H7EL9NI653I7DPEH51&initiator=platform
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1439621
content-length
0
expires
Mon, 04 Sep 2023 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame A00E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame A00E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76
Date
Mon, 04 Sep 2023 02:17:21 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame A00E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-q_GnEVZE2pelL9NY_GB_BwR3tHSl_dfnzKS_~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-q_GnEVZE2pelL9NY_GB_BwR3tHSl_dfnzKS_~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-q_GnEVZE2pelL9NY_GB_BwR3tHSl_dfnzKS_~A
content-length
0
usersync
usersync.gumgum.com/ Frame A00E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Date
Mon, 04 Sep 2023 02:17:21 GMT
Connection
keep-alive
X-CI-RTID
3b56b282-113a-4ec7-971d-b74dacd4e3fc
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame A00E 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:20 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame A00E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVYEU6SRG5LUSOCRNU4XMV2RIFWE242MOA
  • https://usersync.gumgum.com/usersync?b=zem&i=pJzQ7WI8Qm9vWQAlMsLp
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=pJzQ7WI8Qm9vWQAlMsLp
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=pJzQ7WI8Qm9vWQAlMsLp
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A00E
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=d28fcfe5-3705-4821-8ffc-49f439ce1b44
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=d28fcfe5-3705-4821-8ffc-49f439ce1b44
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=d28fcfe5-3705-4821-8ffc-49f439ce1b44
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:21 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame A00E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=Fp0YLgfWeIDa&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=Fp0YLgfWeIDa&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=Fp0YLgfWeIDa&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-5zghb
expires
-1
usersync
usersync.gumgum.com/ Frame A00E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1869577055167662355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1869577055167662355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1869577055167662355
date
Mon, 04 Sep 2023 02:17:21 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame A00E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_5acc3aaa-1709-48bc-996d-7993392c2d49
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KXQV9AN8KTZM6THDXR4K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9FD6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZPU_MQAAAyPauwA4
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=&gdpr_consent=&_test=ZPU_MQAAAyPauwA4
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=&gdpr_consent=&_test=ZPU_MQAAAyPauwA4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 04 Sep 2023 02:17:21 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=&gdpr_consent=&_test=ZPU_MQAAAyPauwA4
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mia-kmia1760091-MIA
x-timer
S1693793841.460845,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 374E 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81YWNjM2FhYS0xNzA5LTQ4YmMtOTk2ZC03OTkzMzkyYzJkNDk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:17:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A4F4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102122
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:21 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 54AB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=7928e066-76a9-463e-af89-7ce88bea635d
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=7928e066-76a9-463e-af89-7ce88bea635d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Mon, 04 Sep 2023 02:17:21 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=7928e066-76a9-463e-af89-7ce88bea635d
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 9C90
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPU.McCo5uYAAFGFxvUAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZPU.McCo5uYAAFGFxvUAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Sep 2023 02:17:21 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZPU.McCo5uYAAFGFxvUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40105.dc2p.scaleout.jp
X-SO-IP
38.132.118.76
X-SO-Key
ZPU.McCo5uYAAFGFxvUAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.76","key":"ZPU.McCo5uYAAFGFxvUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40105"}
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40105
gumgum
cs.admanmedia.com/sync/ Frame 88F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
ecm3
s.amazon-adsystem.com/ Frame 87F4 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3Rc7eqqnn7qDpk7WJcMz
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VZ4J3805DP1EY4NASVWR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 87F4
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2QjAxNzUtRDZBQS00NkI5LUEwQUQtQzJBOTMwQkY1Mjc2&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:08:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cs
cs.yellowblue.io/ Frame 87F4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1693793841458
  • https://ad.turn.com/r/cs?pid=45&rndcb=4023070349
  • https://sync.1rx.io/usersync/turn/7671167391070426394?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://sync-amz.ads.yieldmo.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs.yellowblue.io/cs?aid=11599&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Date
Mon, 04 Sep 2023 02:17:21 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX3559f5de46114ec6ac6ccf2f5ef1bc6c005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
sync
ads.yieldmo.com/v000/ Frame 87F4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=4011881537103642354&pn_id=an
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=4011881537103642354&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.197.26.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-26-74.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
an-x-request-uuid
ea939544-d8c9-483d-8f85-203abd3467c9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=4011881537103642354&pn_id=an
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 87F4 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M1JjN2VxcW5uN3FEcGs3V0pjTXo=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 87F4
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3Rc7eqqnn7qDpk7WJcMz
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4011881537103642354&pt=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4011881537103642354&pt=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
an-x-request-uuid
b547a86e-3343-4db3-a5fa-694bfdd5cc0d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4011881537103642354&pt=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4D6A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=qa45XtQKCxwmfyBqSHIl&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=qa45XtQKCxwmfyBqSHIl&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 04 Sep 2023 02:17:21 GMT Mon, 04 Sep 2023 02:17:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=qa45XtQKCxwmfyBqSHIl&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame ED94
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:21 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
cs
cs-server-s2s.yellowblue.io/ Frame 259D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4011881537103642354&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4011881537103642354&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
an-x-request-uuid
05509145-593c-482c-98a0-f243d57646f4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=4011881537103642354&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 259D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=14ea9e7f-9725-0dd7-0409-35e86112fbc3
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=14ea9e7f-9725-0dd7-0409-35e86112fbc3
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=14ea9e7f-9725-0dd7-0409-35e86112fbc3
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 259D
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6275276a-1c31-4f7d-a3ea-7cf382941856
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6275276a-1c31-4f7d-a3ea-7cf382941856
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-192
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=6275276a-1c31-4f7d-a3ea-7cf382941856
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 259D
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=e8def573-4079-4fed-a230-54596150311f
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=e8def573-4079-4fed-a230-54596150311f
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=e8def573-4079-4fed-a230-54596150311f
Date
Mon, 04 Sep 2023 02:17:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame 259D
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=1869577055167662355&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=1869577055167662355&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=1869577055167662355&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:17:20 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 259D
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3Rc7eqqnn7qDpk7WJcMz&gdpr=0&gdpr_consent=&us_privacy=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3Rc7eqqnn7qDpk7WJcMz&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3Rc7eqqnn7qDpk7WJcMz&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 259D
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212259677762089
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212259677762089
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212259677762089
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
sync.targeting.unrulymedia.com/csync/ Frame 259D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1693793841480
  • https://ad.turn.com/r/cs?pid=45&rndcb=802866287
  • https://sync.1rx.io/usersync/turn/7671167391070426394?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:21 GMT
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
cksync.php
contextual.media.net/ Frame 259D 		53 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.120.23 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-120-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:17:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:17:21 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 259D
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11575%26uid%3D%5BUSER_ID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=325EFEFEE69D4CC091A3A44A64B0FD63
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=325EFEFEE69D4CC091A3A44A64B0FD63
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=325EFEFEE69D4CC091A3A44A64B0FD63
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
x-varnish
364508904
access-control-allow-credentials
true
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 259D
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2QjAxNzUtRDZBQS00NkI5LUEwQUQtQzJBOTMwQkY1Mjc2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:07:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cs
cs-server-s2s.yellowblue.io/ Frame 259D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=zgn5cAUresle&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=zgn5cAUresle&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=zgn5cAUresle&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-xr7bc
expires
-1
RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
sync.targeting.unrulymedia.com/csync/ Frame 259D
Redirect Chain
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rise?zcc=1&redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D&cb=1693793841494
  • https://ad.turn.com/r/cs?pid=45&rndcb=2366306222
  • https://sync.1rx.io/usersync/turn/7671167391070426394?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:21 GMT
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.yellowblue.io/ Frame 259D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=10cc90a5543d40bf1773b37f7cb6655&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=10cc90a5543d40bf1773b37f7cb6655&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=10cc90a5543d40bf1773b37f7cb6655&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693793841515061-456
cs
cs-server-s2s.yellowblue.io/ Frame 259D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
/
csync.loopme.me/ Frame 259D 		0
0
cs
cs.yellowblue.io/ Frame 259D
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=7fd2fd0a-3037-41ee-a72d-cc602bef1832&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=7fd2fd0a-3037-41ee-a72d-cc602bef1832&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=7fd2fd0a-3037-41ee-a72d-cc602bef1832&gdpr=0
date
Mon, 04 Sep 2023 02:17:21 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 259D 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=kDfme2pzCp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HT5QQ15KNFSXE459F746
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
onetag-sys.com/usync/ Frame CF90 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame F48C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:21 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame D89D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58754
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21483%26id%3D%5BUSER_ID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21483&id=325EFEFEE69D4CC091A3A44A64B0FD63
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21483&id=325EFEFEE69D4CC091A3A44A64B0FD63
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21483&id=325EFEFEE69D4CC091A3A44A64B0FD63
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
x-varnish
487065045
access-control-allow-credentials
true
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=4011881537103642354
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=4011881537103642354
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
an-x-request-uuid
233214f2-829c-4d23-a295-cac83646479c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8E9F
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2QjAxNzUtRDZBQS00NkI5LUEwQUQtQzJBOTMwQkY1Mjc2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:08:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID...
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=zgn5cAUresle&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=zgn5cAUresle&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=zgn5cAUresle&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-xr7bc
expires
-1
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=91b287752595b0928c3fe9c48677b9d0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=91b287752595b0928c3fe9c48677b9d0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=91b287752595b0928c3fe9c48677b9d0
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=d28fcfe5-3705-4821-8ffc-49f439ce1b44
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21489&id=d28fcfe5-3705-4821-8ffc-49f439ce1b44
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21489&id=d28fcfe5-3705-4821-8ffc-49f439ce1b44
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:21 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
csync.loopme.me/ Frame 8E9F 		0
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
cache-control
no-store
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%26bidder...
  • https://prebid.a-mo.net/cchain/0/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2Fp...
  • https://cm.adform.net/cookie?&gdpr=0&gdpr_consent=&us_privacy=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A...
  • https://prebid.a-mo.net/cchain/2/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=adform&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_p...
  • https://prebid.a-mo.net/cchain/3/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=index_rtb&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2F...
  • https://rtb.openx.net/sync/prebid?&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De04...
  • https://prebid.a-mo.net/cchain/4/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=openx&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De04b39...
  • https://prebid.a-mo.net/cchain/5/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2Fp...
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F38710%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De04b39...
  • https://prebid.a-mo.net/cchain/7/38710?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=sovrn&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0...
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&gdpr=0
date
Mon, 04 Sep 2023 02:17:23 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=HQzJeBZHuGCrpGR8Q52pzqdh
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=HQzJeBZHuGCrpGR8Q52pzqdh
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Mon, 04 Sep 2023 02:17:21 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=HQzJeBZHuGCrpGR8Q52pzqdh
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
0
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=-6557616649119493033
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=b0231eb4-a9f2-53f7-952d-4f68f1d87159
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=b0231eb4-a9f2-53f7-952d-4f68f1d87159
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=b0231eb4-a9f2-53f7-952d-4f68f1d87159
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=6275276a-1c31-4f7d-a3ea-7cf382941856
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=6275276a-1c31-4f7d-a3ea-7cf382941856
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-192
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=6275276a-1c31-4f7d-a3ea-7cf382941856
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dminu...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=2c13604cc4584d1995e49827a64c2897&ssp=minutemedia&bsw_param=e8def573-4079-4fed-a230-54596150311f&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=e8def573-4079-4fed-a230-54596150311f
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21490&id=e8def573-4079-4fed-a230-54596150311f
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
//cs.minutemedia-prebid.com/cs?aid=21490&id=e8def573-4079-4fed-a230-54596150311f
Date
Mon, 04 Sep 2023 02:17:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3Rc7eqqnn7qDpk7WJcMz&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3Rc7eqqnn7qDpk7WJcMz&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3Rc7eqqnn7qDpk7WJcMz&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=65b360ed-3f58-0fc6-37d6-708d00b8a565
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=65b360ed-3f58-0fc6-37d6-708d00b8a565
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=65b360ed-3f58-0fc6-37d6-708d00b8a565
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=1869577055167662355&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=1869577055167662355&gdpr=0&gdpr_consent=
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=1869577055167662355&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:17:20 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=3934349205523529802736
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=3934349205523529802736
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=3934349205523529802736
date
Mon, 04 Sep 2023 02:17:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3D...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6XAST2KE3VOSJYKFWTS5SXKFAWY...
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=pJzQ7WI8Qm9vWQAlMsLp
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=pJzQ7WI8Qm9vWQAlMsLp
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:22 GMT
Content-Type
text/html; charset=utf-8
Location
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=pJzQ7WI8Qm9vWQAlMsLp
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
98
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7653242496
  • https://sync.1rx.io/usersync/tradedesk/7928e066-76a9-463e-af89-7ce88bea635d
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef1b...
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Date
Mon, 04 Sep 2023 02:17:22 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX3559f5de46114ec6ac6ccf2f5ef1bc6c005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21496&id=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
date
Mon, 04 Sep 2023 02:17:21 GMT
content-length
0
minute_media
cs.admanmedia.com/sync/ Frame 8E9F 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=d3abac0a-72dc-4079-b6bf-3a54511c4e93
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=d3abac0a-72dc-4079-b6bf-3a54511c4e93
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
//cs.minutemedia-prebid.com/cs?aid=21503&id=d3abac0a-72dc-4079-b6bf-3a54511c4e93
date
Mon, 04 Sep 2023 02:17:22 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 8E9F
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212259677762089
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212259677762089
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
referrer-policy
unsafe-url
server
33XP013
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212259677762089
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ecm3
s.amazon-adsystem.com/ Frame 8E9F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=minutemedia.com&id=MffyelMzkp_mm
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z9A9P348ZQ1GCGAJHDPB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid
mug.criteo.com/ Frame 41FB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=shefinds.com&sn=ChromeSyncframe&so=0&topUrl=www.shefinds.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=JCIetXxaMFF5bVpsVGZiNUk0TzdjTGhwWDR6YUxMRWU5M3dkei9BZ0hHOUpKdkdJeGN0dVlRWVlNTFcxb3NFK3JEV0txS2w4V3l5OHU0NmRaU2JSWnpQSWEwYWpRaVRmM2ZOKzc2N1k4dUlyT2lIdkoyWWtBK04rTE5ZME...
441 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=JCIetXxaMFF5bVpsVGZiNUk0TzdjTGhwWDR6YUxMRWU5M3dkei9BZ0hHOUpKdkdJeGN0dVlRWVlNTFcxb3NFK3JEV0txS2w4V3l5OHU0NmRaU2JSWnpQSWEwYWpRaVRmM2ZOKzc2N1k4dUlyT2lIdkoyWWtBK04rTE5ZME41allCM3V5UkxSNWtNZVdMVEt6R0NVd0JjWkdEVnNZaUxTT1ZqTnF3K25aMkk3MzJzbVIvckI5SUF4WGlONjV4UE0ydlA4ZWRVaUdmdWcrYzlSNkxwdHZrOWNFeXlDei9QSlBhaFB5YWdpdmJvRFhNSU9Lb0Y0Zi9NYXVHSTM5ZzM0Z1ZiYVFMcmpYRmp4Zk04ZjdXellCajA1dEtoUT09fA&cppv=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f34c35894dbb7cd3dece2a08634f138ff2f201ea2261fbd4bff57e2d5e2a3fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2157117
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=JCIetXxaMFF5bVpsVGZiNUk0TzdjTGhwWDR6YUxMRWU5M3dkei9BZ0hHOUpKdkdJeGN0dVlRWVlNTFcxb3NFK3JEV0txS2w4V3l5OHU0NmRaU2JSWnpQSWEwYWpRaVRmM2ZOKzc2N1k4dUlyT2lIdkoyWWtBK04rTE5ZME41allCM3V5UkxSNWtNZVdMVEt6R0NVd0JjWkdEVnNZaUxTT1ZqTnF3K25aMkk3MzJzbVIvckI5SUF4WGlONjV4UE0ydlA4ZWRVaUdmdWcrYzlSNkxwdHZrOWNFeXlDei9QSlBhaFB5YWdpdmJvRFhNSU9Lb0Y0Zi9NYXVHSTM5ZzM0Z1ZiYVFMcmpYRmp4Zk04ZjdXellCajA1dEtoUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
502777
content-length
0
expires
0
usync.html
eus.rubiconproject.com/ Frame 12F2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:21 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 7558 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame 9477 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
561225210e63c49c17f08dc4050d77422d0d41b1bbe119132214d3a2ae644731

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1751
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 91E9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:21 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame F05C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b787e5ce-4065-0cf1-25cb-76bdb7170fd2
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b787e5ce-4065-0cf1-25cb-76bdb7170fd2
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
avEDlDSVKTX9jpX_XJFfoZpJGicTGOqlZz2cR3Ulz7KB3qfWvYk8Hw==

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b787e5ce-4065-0cf1-25cb-76bdb7170fd2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame F05C
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-MjJj8ERE2uG26LattTglFSDPccItfil4~A
0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-MjJj8ERE2uG26LattTglFSDPccItfil4~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
IEJYhat_LvwTXloPVTi5kIw8JaUrjjLkzt0gxh23BVS-gYXtUXLtkw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-MjJj8ERE2uG26LattTglFSDPccItfil4~A
date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame F05C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=1696385841
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=1696385841
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
zV4AgmPv40rhVbXcymrX-6v_mEnqIKWshHm634nRErsxwj68QRr_eQ==

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=1696385841
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
249
sync
usr.undertone.com/userPixel/ Frame F05C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
OLRfqlyJCTWBJYiWKNJktcVALbIakI5JEHoPK0zqMO_tVvPwhCuvsA==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
SPug
image4.pubmatic.com/AdServer/ Frame F05C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2QjAxNzUtRDZBQS00NkI5LUEwQUQtQzJBOTMwQkY1Mjc2&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VHBn9dRE2uWExNUgvLatIWJKUoocc0M-~A&gdpr=0
date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame F05C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
41R6VYaKTVk0KpbTrdbf_eLgWI7-qR368cKaWiGJlVLWrRP4mgQc2Q==

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame F05C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
g_scU2aMoPIhAvSuGVpi_-qlNjyS7Dou1Dmc2WwdtKmOawMgrH8u1A==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame F05C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=4bywjpflk0hcx6zrrym79v937
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
850TCP5FE7TMJHGW7W38
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
t.gif
cw.addthis.com/ Frame F05C 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=492e50f022874344a9db824ccc7e44c3
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.12.2 Montreal, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-12-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 04 Sep 2023 02:17:21 GMT
demconf.jpg
dpm.demdex.net/ Frame F05C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=4bywjpflk0hcx6zrrym79v937
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4bywjpflk0hcx6zrrym79v937
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4bywjpflk0hcx6zrrym79v937
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
HTTP/1.1
Server
52.5.117.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-117-77.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0efad31d8.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mnbdGRCqT50=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v049-0c4538ad7.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Iq+9BJ7LQY0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=4bywjpflk0hcx6zrrym79v937
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame F05C 		62 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=4bywjpflk0hcx6zrrym79v937
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.8.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-8-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 04 Sep 2023 02:17:21 GMT
content-length
62
content-type
image/gif
db_sync
px.ads.linkedin.com/ Frame F05C
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=4bywjpflk0hcx6zrrym79v937
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGTRieXdqcGZsazBoY3g2enJyeW03OXY5MzcQABoNCLH81KcGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=85ee5936033e0c178eb23e14a086dbbc8bf7ff8b4a4bf12cb38be8c7024f72f5791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=85ee5936033e0c178eb23e14a086dbbc8bf7ff8b4a4bf12cb38be8c7024f72f5791426b5417dce21&rand=04969934
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=85ee5936033e0c178eb23e14a086dbbc8bf7ff8b4a4bf12cb38be8c7024f72f5791426b5417dce21&rand=04969934&expected_cookie=a2159579-e179-46ac-a581-32e54fcaa8a9
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=85ee5936033e0c178eb23e14a086dbbc8bf7ff8b4a4bf12cb38be8c7024f72f5791426b5417dce21&rand=04969934&expected_cookie=a2159579-e179-46ac-a581-32e54fcaa8a9
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 21A495388BC4487D8D64E1B11455495F Ref B: MIAEDGE2008 Ref C: 2023-09-04T02:17:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEfxxUSBOs1YhwctecIw==

Redirect headers

date
Mon, 04 Sep 2023 02:17:22 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: CE2D717DD64946C0896068FEBBB9D307 Ref B: MIAEDGE2008 Ref C: 2023-09-04T02:17:22Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=85ee5936033e0c178eb23e14a086dbbc8bf7ff8b4a4bf12cb38be8c7024f72f5791426b5417dce21&rand=04969934&expected_cookie=a2159579-e179-46ac-a581-32e54fcaa8a9
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEfxxLQAZv/5R41aiDkw==
usermatch.gif
beacon.krxd.net/ Frame F05C 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=4bywjpflk0hcx6zrrym79v937
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.94.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-94-1.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
beacon-n015-ash-prod.krxd.net
date
Mon, 04 Sep 2023 02:17:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1693793841
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
sync.bfmio.com/ Frame BEC1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=7928e066-76a9-463e-af89-7ce88bea635d
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=7928e066-76a9-463e-af89-7ce88bea635d
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.207.99.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-99-201.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:17:21 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=7928e066-76a9-463e-af89-7ce88bea635d
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
183
sync
sync.bfmio.com/ Frame BEC1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=60
  • https://sync.bfmio.com/sync?pid=169&uid=7671167391070426394
0
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=169&uid=7671167391070426394
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.207.99.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-99-201.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:17:21 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=169&uid=7671167391070426394
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame BEC1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=0a0e5701258ad78e83f1efcd4af6b375867a3f68&ex=bf.com
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V7DVVZ5YTPEXPH48JVH3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
sync.bfmio.com/ Frame BEC1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/bch
  • https://match.prod.bidr.io/cookie-sync/bch?_bee_ppp=1
  • https://sync.bfmio.com/sync?pid=168&uid=AAEzzU7J6nwAACbk4ScR2w
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=168&uid=AAEzzU7J6nwAACbk4ScR2w
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.207.99.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-99-201.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:17:21 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=168&uid=AAEzzU7J6nwAACbk4ScR2w
Date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
sync.bfmio.com/ Frame BEC1
Redirect Chain
  • https://www.storygize.net/ccm/ab07fd15-2039-48b6-b2a2-4c9d1869ba93
  • https://www.storygize.net/csr?r=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D178%26uid%3Df3ecbccc-aea0-40f7-af63-e68aebb6f2f1
  • https://sync.bfmio.com/sync?pid=178&uid=f3ecbccc-aea0-40f7-af63-e68aebb6f2f1
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=178&uid=f3ecbccc-aea0-40f7-af63-e68aebb6f2f1
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.207.99.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-99-201.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:17:22 GMT

Redirect headers

Location
https://sync.bfmio.com/sync?pid=178&uid=f3ecbccc-aea0-40f7-af63-e68aebb6f2f1
Pragma
no-cache
P3P
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
expires
0
sync
sync.bfmio.com/ Frame BEC1
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=B8C43B19-109C-445A-B4F6-EE6B3765AF18&rurl=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D166%26uid%3D%24%24visitor_cookie%24%24
  • https://sync.bfmio.com/sync?pid=166&uid=2c13604cc4584d1995e49827a64c2897
0
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=166&uid=2c13604cc4584d1995e49827a64c2897
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.207.99.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-99-201.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:17:21 GMT

Redirect headers

Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://sync.bfmio.com/sync?pid=166&uid=2c13604cc4584d1995e49827a64c2897
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
rtset
bh.contextweb.com/bh/ Frame FE86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=N2dIY25XRlNnRlhoTWRTSHFhS1drZw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAxQmIhGF8zzjaf4HKYK258&google_cver=1
49 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAxQmIhGF8zzjaf4HKYK258&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-5zghb
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEAxQmIhGF8zzjaf4HKYK258&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame FE86
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=3e3e5d83873206f4&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAACqLm9CWEgwgMARrNJAAAAAAA&expiration=1693880241&nuid=&is_secure=true
49 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAACqLm9CWEgwgMARrNJAAAAAAA&expiration=1693880241&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-5zghb
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAACqLm9CWEgwgMARrNJAAAAAAA&expiration=1693880241&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame FE86 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=zgn5cAUresle&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D1R80A4AN2P2DTRD2ZJX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:17:21 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8F0F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58438518&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8e0eeaaec387f5614f5e60a0641d10674c6c849916deb3c401b09e5c20d74e94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 04 Sep 2023 02:17:20 GMT
content-length
1736
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame AB25 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=HQzJeBZHuGCrpGR8Q52pzqdh&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1QCV7P91X42PX142G59H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sovrn
tr.blismedia.com/v1/api/sync/ Frame AB25 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame AB25
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1693793841383&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=C0079F51A67C45978E5DF77E05DE4DD6
43 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=C0079F51A67C45978E5DF77E05DE4DD6
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=C0079F51A67C45978E5DF77E05DE4DD6
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Sep 2023 02:17:21 GMT
merge
ce.lijit.com/ Frame AB25
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=zgn5cAUresle&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=zgn5cAUresle&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=zgn5cAUresle&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-5zghb
expires
-1
merge
ce.lijit.com/ Frame AB25
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=XDfmHVlmsxhHMLYRDDutSVg74hFHZeVJW2cpQXEK
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=XDfmHVlmsxhHMLYRDDutSVg74hFHZeVJW2cpQXEK
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=XDfmHVlmsxhHMLYRDDutSVg74hFHZeVJW2cpQXEK
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.yellowblue.io/ Frame AB25
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=8946715365
  • https://sync.1rx.io/usersync/turn/7671167391070426394?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ce.lijit.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs.yellowblue.io/cs?aid=11599&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Date
Mon, 04 Sep 2023 02:17:21 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX3559f5de46114ec6ac6ccf2f5ef1bc6c005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
264.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/1173/8.gif?id5id=ID5*M9P78xF7zartpS38R_iQqtcv4ZpVZ1lPz8J6Zp8nosZfVchjY0UR50Tol2ll1SFPX1aKdltd9DVout0-zBSBcg&o=api&gdpr_consent=undefined&gdpr=false
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F3%2F7%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26...
  • https://id5-sync.com/c/1173/3/7/2.gif?puid=789c64f5-3e31-4100-b68c-6bef558fd551&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/1173/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/1173/2/6/3.gif?puid=4011881537103642354&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F434%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/1173/434/5/4.gif?puid=6275276a-1c31-4f7d-a3ea-7cf382941856&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=4011881537103642354&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F1246%2F4%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdp...
  • https://id5-sync.com/c/1173/1246/4/5.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAEzzU7J6nwAACbk4ScR2w&id5AccountNum=155&numCascadesAllowed=9
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/1173/429/2/7.gif?puid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%%
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%%
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
text/html;charset=utf-8

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%%
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9477 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:92c5:57a0:36d6:5a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 9477
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4011881537103642354
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4011881537103642354
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
an-x-request-uuid
8f43ac66-118f-44da-b89c-67acc696bcde
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9477
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a05:92c5:57a0:36d6:5a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 9477
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPU_MQAAAyPauwA4
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPU_MQAAAyPauwA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mia-kmia1760091-MIA
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1693793842.539673,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPU_MQAAAyPauwA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 9477
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6wZ77XdxVwJpBPGiE6JmkSaEdkw
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6wZ77XdxVwJpBPGiE6JmkSaEdkw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6wZ77XdxVwJpBPGiE6JmkSaEdkw
Date
Mon, 04 Sep 2023 02:17:21 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/ Frame 9477
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
r.casalemedia.com/ Frame 9477
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=
43 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBDskpGcJDXjfTGZ1w%2BnisUzwYvNu0TffYUTsrCcXQq7jkVLMqt65%2FIeSlRQuQFj%2F10D07dxIovpdiWW3kKVhTIQabFR6weE1gEyrQnhlvdqAHmJ%2Beve2%2FCVu6LUvgsu8rRi"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8012bc5a1d74d9e9-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 9477 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:20 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
bUUWsx58msXc7EUFHOYXWVna3W60hsIbLLwwL9soTzp_NBf0u6_gTg==
ecm3
s.amazon-adsystem.com/ Frame D89D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LM494BTJ-1P-8OPA
  • https://s.amazon-adsystem.com/ecm3?id=LM494BTJ-1P-8OPA&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LM494BTJ-1P-8OPA&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CRZ23NSSFQ1ZER46K9Z4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LM494BTJ-1P-8OPA&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1230911863589528&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.shefinds.com%2F&rl=&if=false&ts=1693793841508&cd[segment_id]=105086&sw=1600&sh=1200&v=2.9.125&r=stable&ec=2&o=30&fbp=fb.1.1693793839435.1043375870&it=1693793839304&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:17:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.shefinds.com%2F&rl=&if=false&ts=1693793841509&cd[segment_id]=105086&sw=1600&sh=1200&v=2.9.125&r=stable&ec=3&o=30&fbp=fb.1.1693793839435.1043375870&it=1693793839304&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:17:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
Artemis
aud.pubmatic.com/AdServer/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D441%26segid%3D21144%2C21967%2C32638%2C32745%2C33093%2C33097%2C33495%...
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21144,21967,32638,32745,33093,33097,33495,33515,34895,35238,38317,38334
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21144,21967,32638,32745,33093,33097,33495,33515,34895,35238,38317,38334
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

location
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21144,21967,32638,32745,33093,33097,33495,33515,34895,35238,38317,38334
date
Mon, 04 Sep 2023 02:17:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
crum
dsum-sec.casalemedia.com/ Frame 5142
Redirect Chain
  • https://um4.eqads.com/um/cs
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=954cc683-4c37-4611-8406-3ce451d1e04b&expiration=1701656241
43 B
631 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=954cc683-4c37-4611-8406-3ce451d1e04b&expiration=1701656241
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
0
Keep-Alive
timeout=1, max=493
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

cache-control
no-cache
content-length
0
date
Mon, 04 Sep 2023 02:17:21 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=954cc683-4c37-4611-8406-3ce451d1e04b&expiration=1701656241
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:17:21 GMT
setuid
px.ads.linkedin.com/ Frame D89D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM494BTJ-1P-8OPA&us_privacy=1---
0
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM494BTJ-1P-8OPA&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5B80FA07FDBF497590C96EC8C1BB13E9 Ref B: MIAEDGE2008 Ref C: 2023-09-04T02:17:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEfxxDLfsoyCN1s2OmKw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM494BTJ-1P-8OPA&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D89D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMtJlAKG67RU_1iH2_oYVc&google_cver=1
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMtJlAKG67RU_1iH2_oYVc&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMtJlAKG67RU_1iH2_oYVc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D89D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LpjUiR-4Y5E41ZCckhc618n5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ak0yNAxE2oJbAhbrDHCoOBb9YkUf2eYBj8ecxg--~A
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ak0yNAxE2oJbAhbrDHCoOBb9YkUf2eYBj8ecxg--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Ak0yNAxE2oJbAhbrDHCoOBb9YkUf2eYBj8ecxg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame D89D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&gdpr_consent=&expires=30
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame D89D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
23KZNJ44P5DCSM05CPJ7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame D89D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xAZL0qlLT_2C2-FpFJZYaA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xAZL0qlLT_2C2-FpFJZYaA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xAZL0qlLT_2C2-FpFJZYaA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B90HH3AGXR2EGY2MCC7J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xAZL0qlLT_2C2-FpFJZYaA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D89D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmNlNjFjNmFkOTI1NGI1N2I2M2JiMTFlZmMzOTI3NTE0MjA0YjQ1Zg&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmNlNjFjNmFkOTI1NGI1N2I2M2JiMTFlZmMzOTI3NTE0MjA0YjQ1Zg&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmNlNjFjNmFkOTI1NGI1N2I2M2JiMTFlZmMzOTI3NTE0MjA0YjQ1Zg&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D89D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE00OTRCVEotMVAtOE9QQQ==&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF64KM8Y6EMI5uDlXN6idpY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00OTRCVEotMVAtOE9QQQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00OTRCVEotMVAtOE9QQQ==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00OTRCVEotMVAtOE9QQQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
usync.js
eus.rubiconproject.com/ Frame ED94 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58754
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
dcm
s.amazon-adsystem.com/ Frame 5FD4 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
C70BMHPDW2KBPMDRC18K
ecm3
s.amazon-adsystem.com/ Frame 4B76 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9ZXEC22EYXCF0847878E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8F0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VGsBddaqRrmgrcKpML9Sdg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=102122
accept-ranges
bytes
content-length
5636
expires
Tue, 05 Sep 2023 06:39:23 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 8F0F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=37325644865334343530996390913382611896&pt=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=37325644865334343530996390913382611896&pt=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

DCS
dcs-prod-va6-2-v049-08cd16043.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4xIofaURRyA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=37325644865334343530996390913382611896&pt=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 8F0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20546B0175-D6AA-46B9-A0AD-C2A930BF5276&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 8F0F 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 8F0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTQ2QjAxNzUtRDZBQS00NkI5LUEwQUQtQzJBOTMwQkY1Mjc2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7671167391070426394&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=10c3ae70f05904a9&is_secure=true&networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACfs2zcBQ3fwN3KdwnAAAAAAA&expiration=1693880243&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Mon, 04 Sep 2023 02:17:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 8F0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBIFCuL02ctOmxY2EnZKdvU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7671167391070426394&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6bdc6534928106f4&is_secure=true&networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABp91Ff6SkOQMg0_wWAAAAAAA&expiration=1693880243&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=4a128e3b-88fd-4575-854f-3b7c5c958939&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 8F0F
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C0079F51A67C45978E5DF77E05DE4DD6
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
date
Mon, 04 Sep 2023 02:17:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 8F0F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7671167391070426394&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5adc93bef05d0706&is_secure=true&networkId=17100&version=1&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACqLm9CWEhUAMIhyVHAAAAAAA&expiration=1693880243&nuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968907269421605264&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
546B0175-D6AA-46B9-A0AD-C2A930BF5276
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8F0F 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/546B0175-D6AA-46B9-A0AD-C2A930BF5276?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:92c5:57a0:36d6:5a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.js
eus.rubiconproject.com/ Frame 12F2 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58754
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
usync.js
eus.rubiconproject.com/ Frame F48C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58754
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
usync.js
eus.rubiconproject.com/ Frame 91E9 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58754
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
container.html
892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DAF4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:17:21 GMT
expires
Tue, 03 Sep 2024 02:17:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 4FCA 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1403233
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
GnJlHTlOtFNlCFiEX3Acw1QGrf8iq66NuaMJEzgPJky2m0lEk74R1g==
postbid.js
ads.blogherads.com/static/ Frame 4FCA 		421 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/postbid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1800ac1ca3a7f0961bbbedbbdd49055fdc44aaa02e8f280257874c91745e7d66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26APB4KBZES1BD7P
age
1018
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
yGBwMReVDEY/Vr79nG1QrmmpLiU7xWhSlSMbOg1NFDj1CxnWkn9dLRpdPF7HFJJjPYrFSuCgZ4s=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:29 GMT
x-timer
S1693793842.062376,VS0,VE4
etag
W/"7423bef5d99fd702fe9c804009f4b11b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4FCA 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:17:22 GMT
container.html
892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 30F8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:17:21 GMT
expires
Tue, 03 Sep 2024 02:17:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:17:22 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:17:22 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame B204 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1403233
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
uIywZPjt1fTHkOCHULH6jkrPmYbDsdP9UTTzP2Z3k9A5OqBZeeOMVw==
boomerang-client.js
ads.blogherads.com/static/ Frame B204 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/boomerang-client.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c4a478f209dddd433c1849f661b71160f14ad996c9c075e5f4b7fbeb21d1bf0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
G64VNSRXBNNP2J7K
age
1018
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
js00xV2yEyoUbw/5Yf82mWQtvoC3B6FX8NqZM7hC3H2QGJLiV2Xu006LnQkcjb5ZIpgZbTilwgM=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:30 GMT
x-timer
S1693793842.244138,VS0,VE0
etag
W/"f4b7dbaeb313299eb47e0873bc496740"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
33
view
securepubads.g.doubleclick.net/pcs/ Frame B204 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuMxgqZlCBllJ-Hs3gT6B2KA1wLX9YXjqsZ3i0xGZ-8HN34h8C7K1TyV6yJIFWssPiAlbiWsubur1DUG-tc39_BcMOfvAHx4jGHDyuf-54HZrNDEBKDHzWSS-oTu21UoQhDTTxBL9Z_H9epvW8X_fsVkDTeHNt1wW_pXWL3XieSuhIG8WzgrwBfckhBSlSM0LcIzk6bbScyTD0sZPtjPImEl7scm2R-NtlYOmtD2PWY0Lf6Dvb10xOx0pS8kFvB8HQi_1BqqiaYABWM6RVmm7dzscM7JRrD4MNHwf-KzY1c29VveEIlwq4kOhMu7j31iB7WF4yzg&sai=AMfl-YQ_hjSk0uu-2XuAkdcR_lTCw1_-vhTM1nDPqzx5hbE4zMF35pzwSFOJqxFd7t0caduc40Dy-5v9rauW06DNEUznqHKOIHaJF22AAIlZCj916qaafTqryKeXlP3UP5ON2CBMnFlSwfVuxPEeIL2MutbM2VCaucUqyM9ouDobtDoH&sig=Cg0ArKJSzOkEBED_RmqHEAE&uach_m=[UACH]&urlfix=1&adurl=[%ThirdPartyImpressionTracker%]
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:22 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:22 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
btn.js
d3r7h55ola878c.cloudfront.net/btn/1.0.2/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d3r7h55ola878c.cloudfront.net/btn/1.0.2/btn.js?_=1693793842265
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638255840286354546
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.26.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-26-102.pit50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
events
api.permutive.com/v2.0/batch/ 		201 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
82e47ae45ab0b917e4c7aeb06b03cd7e7e2d1c9a211cf368fbcee990d60a2554

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140
usersync
usersync.gumgum.com/ Frame ED94
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LM494BTJ-1P-8OPA
  • https://usersync.gumgum.com/usersync?b=mag&i=LM494BTJ-1P-8OPA
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LM494BTJ-1P-8OPA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:22 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LM494BTJ-1P-8OPA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
pandg-sdk.js
pghub.io/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:42:14 GMT
content-encoding
gzip
age
2108
x-guploader-uploadid
ADPycdvin3Fa5JRGFvBurnk2GofRE4DJYDb8x2vyONzu5NRewX6gUypPsY01mSVCMV-JCx0nKfQmzqbkMzU5-I3e1_Ni0w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1-...
  • https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=3367954411524477000V10
86 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=3367954411524477000V10
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 04 Sep 2023 02:17:22 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=3367954411524477000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:17:22 GMT
bl-c25b203-3a0438bc.js
tagan.adlightning.com/sheknows/ Frame DAF4 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/bl-c25b203-3a0438bc.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcfbab9fd00258a8a7a78fb08e87e31df1108c7db3947dee810a8116d2559ce4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 17:43:37 GMT
content-encoding
gzip
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
x-amz-version-id
fDygbOvffZhNFEakwARu.NBUEeg3nXOk
x-amz-cf-pop
EWR53-C3
age
203626
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29383
x-amz-meta-git_commit
c25b203
last-modified
Fri, 01 Sep 2023 17:31:30 GMT
server
AmazonS3
etag
"72accb99e27883f839a54d3c92c2899d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
G3WvV0NPh0aC0rBHgeha0OR8gGsbKOPttrozN6j16bz6L8jvCFnQXQ==
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame DAF4 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1403233
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
P7yAYb-sZk-wafpIZXtDTrL402RIcIlJaezdT6UUfMTtE4XAZuCpCg==
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame DAF4 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:58:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
44318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13552
x-xss-protection
0
server
cafe
etag
17023098769855550506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:58:44 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DAF4 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 01:20:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
349014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Aug 2024 01:20:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DAF4 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:17:22 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame DAF4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
44576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:54:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame DAF4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:54:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
44574
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:54:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame DAF4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:54:10 GMT
jload
pixel.adsafeprotected.com/ Frame BEB1 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930203&campId=728x90&pubId=15403870&chanId=223928350&placementId=5064405287&pubCreative=138308429211&pubOrder=2543335655&cb=1562974638&adsafe_par&impId=2cf79976-4ac9-11ee-bef5-0ac9557753d3&custom2=frame2&custom3=s1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.46.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-46-70.compute-1.amazonaws.com
Software
/
Resource Hash
c8d68594aec4a7ef1a985a169b0379c194160d65cd4b78b961508094bfd139fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:22 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4FCA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQrrzWC_QoplEg_pDS480suizvYqgnKyrzfpNRgdFlYQ12zBKGHv9OvhP-iRbqeU5go5YWjynNpU-fcraAM995UWzSPcrVrh4Oq_nDJpONf6Ot2dIUMuvkvbqxy10Tmp_gs1qF9mZwv2QJAQQsRAGQG4AbIUKca8IE0hpwXSFX771LqLEaxfn3smDxcySPxi_AIeEFJa8xo6gVs9mwPAzmJN25aXrQtZ4QSJW4kQNt2RVx71PRzrFHhD8GqKGVuC5OcfF3fwDgAawdfAozefBVHuQULpOqd6BRBub5nV9uZ5HWZVqF8au3Vr3Mo3K_Fuz-lTOd3Q&sai=AMfl-YRwXgIWRB7ZzMz0sdB5HLqwQBcvggfQqtfMgWitLR_3Yyyz33zlF_ku5xSwkneG4qXyahhvitMEKTLB-6jHQinlNtOWdedNgKCNuN0MzYlDl-UCcB4j1bkIGwWd13UCFVVg63ZmGxD5LH-C1DOB_0LIrgwTIxcldJK_SooUdeky&sig=Cg0ArKJSzC9F6vgOnYxJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
bl-c25b203-3a0438bc.js
tagan.adlightning.com/sheknows/ Frame 30F8 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/bl-c25b203-3a0438bc.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcfbab9fd00258a8a7a78fb08e87e31df1108c7db3947dee810a8116d2559ce4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 17:43:37 GMT
content-encoding
gzip
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
x-amz-version-id
fDygbOvffZhNFEakwARu.NBUEeg3nXOk
x-amz-cf-pop
EWR53-C3
age
203626
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29383
x-amz-meta-git_commit
c25b203
last-modified
Fri, 01 Sep 2023 17:31:30 GMT
server
AmazonS3
etag
"72accb99e27883f839a54d3c92c2899d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
TveNo_k8iqWidiB60tJAgLjAFCSQjefwUPL_bGeIboNtmesFL-gTWQ==
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 30F8 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1403233
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
B9VVFiUqkftuzuLuSCXcGtpzqRp7-Q3SvAGdyWP72ISz6Reeq-zrVQ==
css
fonts.googleapis.com/ Frame 30F8 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 02:04:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Sep 2023 02:17:22 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 30F8 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
44576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:54:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 30F8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
44576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:54:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 30F8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:54:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
44574
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:54:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 30F8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 13:54:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30F8 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:17:22 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 30F8 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 08:56:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 00:31:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 26 Nov 2023 08:56:48 GMT
cs
cs.minutemedia-prebid.com/ Frame 12F2
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LM494BTJ-1P-8OPA
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM494BTJ-1P-8OPA
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM494BTJ-1P-8OPA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM494BTJ-1P-8OPA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
cs
cs.yellowblue.io/ Frame F48C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LM494BTJ-1P-8OPA
  • https://cs.yellowblue.io/cs?aid=11590&id=LM494BTJ-1P-8OPA
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LM494BTJ-1P-8OPA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LM494BTJ-1P-8OPA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
sync
usr.undertone.com/userPixel/ Frame 91E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LM494BTJ-1P-8OPA
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
nExwxExwEiIVcpkKRb09mKnjXzREgBMvMDRBe3gaJSqlLV2HocSCuw==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
truncated
/ Frame B204 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
379ccdbeb5b59ace2ae2cf3a95c68fe8c4e1ea939a58734d2b5e08bd04ecec3e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
35.ffa44917a77d7f8b045a.js
ads.blogherads.com/static/chunks/ Frame 4FCA 		1 KB
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/35.ffa44917a77d7f8b045a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80285dfd3fe73b3736d5c9f1565b45e47543dddddce2d54c47093db9dbae0a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26ASC13V739QXNC3
age
1019
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
F0Wppb1l28d6EBkrpkpGjqzRDHDhYeTknm2FuZ6XfN7/76PRcmSqbHe8t+jeRSEOu24MPqicXmg=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793843.890802,VS0,VE0
etag
W/"9a805af25f2863ad614644ba47504a2b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
92
boomerang.json
ads.blogherads.com/bh/41/412/412983/2498530/ Frame 4FCA 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/bh/41/412/412983/2498530/boomerang.json
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e5ada85311794e56eaaa31718cef387f575ecc1cbb855ea721fef82b4624a65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:22 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FD3T6EBWFABBFG5T
age
800
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
P/L8VRfSwfhvPY5J4eikbOmJYdlDIYAgslv0RE9idMGMj6obpJp4FjlbRCmLuIaAhT0Ml6rveNo=
x-served-by
cache-mia-kmia1760028-MIA
last-modified
Wed, 30 Aug 2023 01:59:18 GMT
x-timer
S1693793843.969437,VS0,VE0
etag
W/"7e6b29f049e57c8b16f38618e130c93c"
vary
accept-encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
2
truncated
/ Frame 4FCA 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c249a9f6d1d169a2e273b49cfa2103b9d1e8acfad451b1aa342ecd3f32f6611a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
float-and-scroll-chunk.6fa48da8dfa673bb496a.js
ads.blogherads.com/static/chunks/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/float-and-scroll-chunk.6fa48da8dfa673bb496a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9163a9e397d818cd252d74c78be9e5a8dde68c72cabde38dd2a8c47c8c611f59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
YZDJFC13PJVV67Y1
age
1018
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
t6fObVe5dn05TXbEQGWDL56MfkKQvkFo7JvEEAs1KJ/m9ysYPAD9cN53dxNiJEpYDJYRgXyG1rI=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693793843.007729,VS0,VE0
etag
W/"1cafd6c3703201b55df7d845c4f674eb"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
21
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:23 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cm
u.openx.net/w/1.0/ Frame 3219 		930 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
939b2d0ac65070b34012066316e63d37f2a9ba1cfa63111f6c174f4750745f40

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
566
content-type
text/html
date
Mon, 04 Sep 2023 02:17:23 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
main.19.8.439.js
static.adsafeprotected.com/ Frame BEB1 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:246c:d800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:44:02 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 bde769d41da514ce261f05fde0f91e2c.cloudfront.net (CloudFront)
x-amz-cf-pop
PIT50-P1
age
2205202
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
5kN5tN3_QxNMvxXl9-TxdKqVIUKILOEmNj5xDc9vOqbWGmXvhV0D4g==
tag
pandg.tapad.com/ Frame 4136
Redirect Chain
  • https://feed.pghub.io/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C...
  • https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%...
592 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22fashion%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
b244fbd7376d39eedb06c118d4a920101225e65df0f2878ad4e536db1631ee86
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Mon, 04 Sep 2023 02:17:23 GMT
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-length
0
date
Mon, 04 Sep 2023 02:17:23 GMT
location
https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22fashion%22%7D
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
0.6c6348ebc294aacf1fc2.js
ads.blogherads.com/static/chunks/ Frame 4FCA 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/0.6c6348ebc294aacf1fc2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34781a83f4c9966ba06d7bb47e5fc57fe8e7dc68767171a4b509e0a5e7864669

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AKRVEDS5CP3HRH
age
1020
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
SzVOPiSNQA5ObWhg11UcVZGO3Bez1SkUT1bwcOqhNQJn5zNClBLULev/lC8KJSW5MbE/dIfpNvI=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793844.699217,VS0,VE0
etag
W/"adbbea4ed0d19fcf33cae37dd9ad4855"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
76
vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
ads.blogherads.com/static/chunks/ Frame 4FCA 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
928d1c50f77d48e64b3461df0c194a81711c6528588849fc99710f96541cc51d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26ASVNYP5AGXHG2E
age
1020
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
/RbjmAkJufUB8USqFiIS9dHwROmJ5c6EN2l1gN5T6PJnASW0IFcbHyZ5Rvc4eE8TMlF11EiedeQ=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693793844.700236,VS0,VE0
etag
W/"8a4de88af87f2e76e0a9e1e1306ccdf3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
88
postbid-prebid-integration.adda40bfac824b1494e9.js
ads.blogherads.com/static/chunks/ Frame 4FCA 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/postbid-prebid-integration.adda40bfac824b1494e9.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2d1946cab10182e8a80eec47ae0c2023cffa0fc715b041d53f1cd4e2ec679c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
YZDQZXYXTQK6AZDM
age
1020
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
jedUQtNM1cNpcpbllsYdPXJdGy+T9pR9WZtLyqV5tTzVCqoB047VFyk1n7fnoqgkFsqQW39eohU=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693793844.701177,VS0,VE0
etag
W/"2654990d140e86f395d6fd898b941cd7"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
30
hLpY1Nb5VKES0NUS7fDOJpi2IlOf_MDz61xICdFpsJahP2WSnbT2dVk7kxZ9fdJOJcCK8n06xKKagandJtVZYn3OD2PXNQMSiDP0tKlRHmVRFrbJTyscXXXzd6l0A_HoVKzxCOI-OuXanCCb-wAf2sNH1Vtr6_HfkmMAPQw4C9Z8gig3ZuKGV98iHUtY1YE=w1200...
lh6.googleusercontent.com/proxy/ Frame DAF4 		456 KB
456 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/proxy/hLpY1Nb5VKES0NUS7fDOJpi2IlOf_MDz61xICdFpsJahP2WSnbT2dVk7kxZ9fdJOJcCK8n06xKKagandJtVZYn3OD2PXNQMSiDP0tKlRHmVRFrbJTyscXXXzd6l0A_HoVKzxCOI-OuXanCCb-wAf2sNH1Vtr6_HfkmMAPQw4C9Z8gig3ZuKGV98iHUtY1YE=w1200-h627-rp-pd
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b0a76f558c9fc5286ccba192d48da170b1917343ee641cfd4dcbfe7b3237a4ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
466768
x-xss-protection
0
expires
Tue, 05 Sep 2023 02:17:23 GMT
9832126723343678101
tpc.googlesyndication.com/simgad/ Frame DAF4
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq98TLzAEQsAkYsAkyCL7QyPRNNYKU
  • https://tpc.googlesyndication.com/simgad/9832126723343678101
77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9832126723343678101
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:34:47 GMT
x-content-type-options
nosniff
age
531756
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Mon, 10 Apr 2023 14:51:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Aug 2024 22:34:47 GMT

Redirect headers

date
Sun, 03 Sep 2023 09:15:50 GMT
x-content-type-options
nosniff
server
cafe
age
61293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/9832126723343678101
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 03 Oct 2023 09:15:50 GMT
setuid
prebid-server.rubiconproject.com/ Frame 3219 		0
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=c5340d26-f955-037b-24c2-a96fc1e0ed0d
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
receive
pixel.tapad.com/idsync/ex/ Frame 3219 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=fa94f115-1bcd-0d15-05af-f1ac7337ee8c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 3219 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d22e0160-98a0-0adb-1c69-a870d718dbe9
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame 3219
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=a92cfd8f-8d8d-06f2-1037-e98979204e58
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a92cfd8f-8d8d-06f2-1037-e98979204e58
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a92cfd8f-8d8d-06f2-1037-e98979204e58
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 04 Sep 2023 02:17:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a92cfd8f-8d8d-06f2-1037-e98979204e58
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 3219
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=4011881537103642354
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=4011881537103642354
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:23 GMT
an-x-request-uuid
3122d762-47c2-493e-b774-253b5343ef8f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3219
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7671167391070426394&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7671167391070426394&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7671167391070426394&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 3219
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZPU_MQAAAyPauwA4
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZPU_MQAAAyPauwA4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760091-MIA
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1693793844.928024,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZPU_MQAAAyPauwA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
receive
pixel.tapad.com/idsync/ex/ Frame 4136
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7928e066-76a9-463e-af89-7ce88bea635d&ttd_puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C%257B%2522architecture%2522%253A%...
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7928e066-76a9-463e-af89-7ce88bea635d&ttd_puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22fashion%22%7D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7928e066-76a9-463e-af89-7ce88bea635d&ttd_puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
987
SPug
simage4.pubmatic.com/AdServer/ Frame 8F0F 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3161&u=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
1e9566328ed695496ddcfab7d78dffb01b62ec2e7fe0b2f09d95e8301ce698a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:09:58 GMT
via
1.1 f07e3fd03d3423bceb1c6083ab62cf8a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
444
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2336
x-amz-cf-id
1-PtP1BBsO3vW2v2dp1qUKqwjmtSmPwR-R1tX8uOwvMOnhpeTBGBjA==
bid
aax.amazon-adsystem.com/e/dtb/ 		125 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3161&u=https%3A%2F%2Fwww.shefinds.com%2F&pid=uU4M6mWo7ciM9&cb=1&ws=1600x1200&v=23.821.1806&t=2000&slots=%5B%7B%22id%22%3A%22outstreamVideoFloat%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=1&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*M9P78xF7zartpS38R_iQqtcv4ZpVZ1lPz8J6Zp8nosZfVchjY0UR50Tol2ll1SFPX1aKdltd9DVout0-zBSBcg%22%2C%22pubcommon%22%3A%22abecd2ef-c404-4a57-873d-a954abd40420%22%2C%22audigent%22%3A%22060kihgfc676faj6hbef6ekceadlebk8k98yusqoj021oew0sgmo0myimek0mgy4y%22%7D%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-227.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
53603111043eb286e63049466c4076ec0e97db73e9c8895accb8cb801a3658dc
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P6
x-amz-rid
8DT5GC9YR1MPW4S2M5JZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
125
x-amz-cf-id
joPnbpBUSGpTo43VAVOuHFpbfhzlCk8_IM98CSB93mwRsjwFPWkjvQ==
shopping
encrypted-tbn1.gstatic.com/ Frame 30F8 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRKjApOHqT4WaRfUWTWrw9SIbx1Nr_aGp6h-vC68P9c0QhgubLh9lO6RSiP3w&usqp=CAI
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9677bd3bf16130b10555776143faa7ced51a52370ead1dc179fe2d125ee0ae7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:34:48 GMT
x-content-type-options
nosniff
age
531756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21878
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 06:18:22 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 27 Aug 2024 22:34:48 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 30F8 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTVnmNax94ZdMhzFdm5uAsY8Fp6NKT1TMYtOq-Puv25OypelsPqfIrC8LgAqA&usqp=CAI
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b3660ad66d99dcff9a626891996aec896c54096d9f832e0878f668c4bd8652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 12:45:54 GMT
x-content-type-options
nosniff
age
307890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15732
x-xss-protection
0
last-modified
Sun, 19 Mar 2023 06:21:21 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 30 Aug 2024 12:45:54 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 30F8 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ7hsa34ZVVloxiFSZbxuXlWT3nwse9eppU7Y3892KL9NNuRlgphETHBkxLKs4&usqp=CAI
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
637d253670396e8966c62d920d4a132977cd8489bd8d3e5d40caa5ecc0cb74f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 02:47:27 GMT
x-content-type-options
nosniff
age
84597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14334
x-xss-protection
0
last-modified
Sun, 28 Jan 2024 05:08:07 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 02 Sep 2024 02:47:27 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 30F8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT4p7IcXo8SfcSgFpPht4Rs8Z_JDcZWzKtYRKez30uucLKmY4k56lCGvk1mQw&usqp=CAI
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bc226502ad17965f57283cace7265a669be5cad17a486638237cc306bcc4df8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 16:09:53 GMT
x-content-type-options
nosniff
age
468451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16963
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 03:30:55 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 28 Aug 2024 16:09:53 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 30F8 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTGPMFrg43qN1-wlJGIHUr2E20uNj6ge48m6CpZsIyzXqVhyfiJ3ZVH89wjGg&usqp=CAI
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7aae7be072b60f210ff53423bea6b2fae228ae46175db10a300a0aaedebfbe22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 16:01:12 GMT
x-content-type-options
nosniff
age
36972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15595
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 07:53:13 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 02 Sep 2024 16:01:12 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 30F8 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR2O_ZnTMxIyV3vJoBS-ZIG4_4OQsEw69uKw3aKpg2EjRWVaajmgXEVSCA_bV0&usqp=CAI
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70e05872774adbde4975fd25997fa6b82148efeec66b64c16e266f616f529233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:01:21 GMT
x-content-type-options
nosniff
age
40563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22901
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 01:08:36 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 02 Sep 2024 15:01:21 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 30F8 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQULexFGEIeZNPWEQx5FQJ_tIGdpNT0dxRmapU5VNJpwPiZ01PzPfCqWQqOMg&usqp=CAI
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
017e23cd30cf3318b71b12a335816c4a8b0c1e189e1496d014f579d9c0c158ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 21:19:47 GMT
x-content-type-options
nosniff
age
190657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17486
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 06:27:04 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 31 Aug 2024 21:19:47 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 30F8 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTQcSxEicoGCQMX5HoCHmmFUwhlXUNh0MsZ1dpLhc_FH88Qkj0l9LAhnmAUoQ&usqp=CAI
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7815956f16d7e968096f1ecbe61ee7c97147e8c5538fad6d99224bb8a6980c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 09:45:14 GMT
x-content-type-options
nosniff
age
59530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40294
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 04:46:36 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 02 Sep 2024 09:45:14 GMT
9832126723343678101
tpc.googlesyndication.com/simgad/ Frame 30F8
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODq98TLzAEQsAkYsAkyCL7QyPRNNYKU
  • https://tpc.googlesyndication.com/simgad/9832126723343678101
77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9832126723343678101
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 22:34:47 GMT
x-content-type-options
nosniff
age
531757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Mon, 10 Apr 2023 14:51:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Aug 2024 22:34:47 GMT

Redirect headers

date
Sun, 03 Sep 2023 09:15:50 GMT
x-content-type-options
nosniff
server
cafe
age
61293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/9832126723343678101
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 03 Oct 2023 09:15:50 GMT
truncated
/ Frame 30F8 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd377a43ad961ed4d4d605e0e660d5062aced99a2d1d869020ae158502b8cd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame A8E0 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2831
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 01:30:13 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DAF4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62e9db908f55d3b2fcb85b18200762e7257c6b62ddee7d317fe5f4f0e80e1b8c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 30F8 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 21:08:57 GMT
x-content-type-options
nosniff
age
104907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 21:08:57 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 30F8 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 11:09:21 GMT
x-content-type-options
nosniff
age
140883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 11:09:21 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 11:35:10 GMT
content-encoding
gzip
via
1.1 c7947fe0c635bc68b2cbc2a30738872c.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:15 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
52934
x-amz-server-side-encryption
AES256
etag
W/"560498a44e7d42477433425cdafd6a16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
se2V4NsoOVM86ciRc_V2kZyJSpdxosRuAAtG1V9SmlFm3F3mc248iw==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.shefinds.com%2F&ref=&_it=amazon&partner_id=458
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
556
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8012bc64bd98288a-MIA
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		118 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
1D0GD6VQX3NVXQ48
age
190
etag
W/"7799d2904b6b2427a4713f4da8b71602"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8012bc64bdd86da7-MIA
x-amz-id-2
EqOrwWwydSqoW8uBvrxa6+GQ/qFfb9wQmiQ3ivXnYYuSGUdse2WLBfX96KrCu3Re+To946FSa2I5006tqFa2Ng==
optoutstatus.html
ads.shemedia.com/static/ Frame 6111 		748 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.shemedia.com/static/optoutstatus.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1021
cache-control
max-age=14400, stale-while-revalidate=3600
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 02:17:23 GMT
etag
W/"d3adb9510fa96393f723a02c4cb16432"
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
vary
accept-encoding
via
1.1 varnish
x-amz-id-2
mbYDVR5J3Mg4JZ2ORVj00FtGdAhbNEo1efuqk46Nv0BRINPXQQC8/WmTUO1HIrZwO4+uUXqsw1k=
x-amz-request-id
924FXCPFQ92D9CXG
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
122
x-served-by
cache-mia-kmia1760037-MIA
x-timer
S1693793844.963813,VS0,VE0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 349D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:246c:d800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 bde769d41da514ce261f05fde0f91e2c.cloudfront.net (CloudFront)
x-amz-cf-pop
PIT50-P1
age
3019905
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
HuaBNfOrXpbFWr1-nuRI5gBRxZyYYSsl3ucbbEIotqNSGBxiHh_CXw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930203&campId=728x90&pubId=15403870&chanId=223928350&placementId=5064405287&pubCreative=138308429211&pubOrder=2543335655&cb=1562974638&adsafe_par&impId=2cf79976-4ac9-11ee-bef5-0ac9557753d3&custom2=frame2&custom3=s1&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:c1729f21-84ed-3d2f-45d9-458ec7b0763f,c:nawPN7,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-67bdfc9f5d-p2vkb,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:572,mot:0,app:0,maw:0,fm:tOQOlQr+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C18113%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1c*.930203%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:699,oid:2eb1099b-4ac9-11ee-bfcf-6265b8009a06,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.46.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-46-70.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
nginx
x-server-name
app04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
183734-166492037162020.js
js-sec.indexww.com/ht/p/ Frame 4FCA 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93333b694a5fd2636ee7cef4db9507f215b598af30400008adcf36a348e76d31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:10:16 GMT
server
cloudflare
age
289
etag
W/"9022fc-9fd2-6047f02ed659c"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
8012bc65bd32336d-MIA
expires
Mon, 04 Sep 2023 06:17:24 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=c1729f21-84ed-3d2f-45d9-458ec7b0763f&tv=%7Bc:nawPNz,pingTime:0,time:726,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:698%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:726,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:698,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B151~100%5D,as:%5B151~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQOlQr+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C18113%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1c*.930203%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:699%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dd1:ab44:ba2a:c71f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=c1729f21-84ed-3d2f-45d9-458ec7b0763f&tv=%7Bc:nawPO6,pingTime:-2,time:759,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:799,beZ:800,mfA:1371,cmA:1372,inA:1372,inZ:1377,prA:1377,prZ:1490,si:1497,poA:1498,poZ:1515,cmZ:1515,mfZ:1515,loA:1539,loZ:1544,ltA:1557,ltZ:1557,mdA:801,mdZ:1075%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:698%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:759,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:698,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B184~100%5D,as:%5B184~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQOlQr+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C18113%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1c*.930203%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1c*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:699,slid:%5Bgoogle_ads_iframe_/83521017293/a.shefinds/fashion_1,google_ads_iframe_/83521017293/a.shefinds/fashion_1__container__,skm-ad-frame2,pmc-atlasmg-adhesion-bar%5D,sinceFw:59,readyFired:true%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dd1:ab44:ba2a:c71f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
auction
prebid-server.rubiconproject.com/openrtb2/ 		219 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
1364d43be2c234b3d47b6ecd9841d4ff6a4fec384cad821b51c27c7c559cf566

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
194
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
d6a08597-41d7-4ffd-9714-4ca94ad29f8d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=505861
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f84636fe8d38422e6828e8904c784ea4e60fd000c47c61be751f47b20953541d

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfCG02BAASQkHT4gSPVl9lJdmJFwFi36dWQOAUAM2mElGeojyfHPiu5qAifkEH3ooPN98Orx6Ej%2FJKXnyS8jgUFnCAvIbHkLKgFmOGY4RGcE%2F%2BIhzOi6V%2BylEfGQrl9cz%2B5wPitS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012bc661eead9e9-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
1f4bc16f8f64c06ea93f8385b1c521c2f5d776749dc5e142f6c53b1d1a78535e

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
shemedia
direct.adsrvr.org/bid/bidder/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/shemedia
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
bid
krk.kargo.com/api/v2/ 		2 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22abb126d9-18b0-4371-9481-b65a37988dcd%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1693793844158%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22954cb3849438be2%22%3A%22_kskn7ErFY3%22%7D%2C%22bidSizes%22%3A%7B%22954cb3849438be2%22%3A%5B%5B1600%2C900%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_kskn7ErFY3%22%7D%2C%22auctionId%22%3A%2274bcf981-8b59-49ac-89fe-b49945f06179%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A0%2C%22location%22%3A%22setConfig%22%7D%2C%22userId%22%3A%7B%22tdid%22%3A%227928e066-76a9-463e-af89-7ce88bea635d%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227928e066-76a9-463e-af89-7ce88bea635d%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22player_type%22%3A%22floatDesktop%22%2C%22autoplay%22%3A%22true%22%2C%22closable_player%22%3A%22y%22%2C%22inview%22%3A%22true%22%2C%22player_height%22%3A900%2C%22player_width%22%3A1600%2C%22st%22%3A%22video%22%2C%22loc%22%3A%22outstr%22%2C%22inst%22%3A%22-%22%2C%22us_privacy%22%3A%221---%22%2C%22consent_required%22%3A%220%22%2C%22vertical%22%3A%5B%22undefined%22%5D%2C%22vertical1%22%3A%5B%22undefined%22%5D%2C%22pbadslot%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Fundefined%2Fvideo-outstream%2Fprebid-video%22%7D%2C%22gpid%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Fundefined%2Fvideo-outstream%2Fprebid-video%22%2C%22tid%22%3A%226f09f5b8-71b0-4841-9fed-f80e9b951044%22%7D%7D%2C%22renderer%22%3A%7B%22url%22%3A%22_%22%7D%2C%22mediaTypes%22%3A%7B%22video%22%3A%7B%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22maxduration%22%3A120%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2F3gpp%22%2C%22video%2Fx-m4v%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A5%2C%22placement%22%3A5%2C%22plcmt%22%3A4%2C%22playbackmethod%22%3A%5B2%2C3%2C6%5D%2C%22context%22%3A%22outstream%22%2C%22playerSize%22%3A%5B%5B1600%2C900%5D%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22skip%22%3A1%2C%22skipafter%22%3A5%7D%7D%2C%22adUnitCode%22%3A%22prebid-video%22%2C%22transactionId%22%3A%226f09f5b8-71b0-4841-9fed-f80e9b951044%22%2C%22sizes%22%3A%5B%5B1600%2C900%5D%5D%2C%22bidId%22%3A%22954cb3849438be2%22%2C%22bidderRequestId%22%3A%22945ae9108c4f76b%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0.10000002384185791%2C0%2C0%5D%2C%22userId.mod.init%22%3A%5B0.19999998807907104%2C0.2999999523162842%2C0%2C0.19999998807907104%2C0%2C0.09999996423721313%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.19999998807907104%2C0%2C0%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.2999999523162842%2C0.19999998807907104%2C0.09999996423721313%5D%2C%22userId.init.modules%22%3A%5B2.399999976158142%2C0.9000000357627869%2C0.8999999761581421%5D%2C%22userId.total%22%3A%5B1197.199999988079%2C75.30000001192093%5D%2C%22userId.mod.callback%22%3A%5B76.10000002384186%5D%2C%22userId.mods.identityLink.callback%22%3A%5B76.10000002384186%5D%2C%22userId.callbacks.total%22%3A%5B76.19999998807907%5D%2C%22userId.callbacks.pending%22%3A%5B3850.099999964237%5D%2C%22requestBids.usp%22%3A0.09999996423721313%2C%22requestBids.priceFloors%22%3A0.10000002384185791%2C%22requestBids.userId%22%3A0.20000004768371582%2C%22requestBids.rtd%22%3A10%2C%22requestBids.validate%22%3A0.19999998807907104%2C%22requestBids.makeRequests%22%3A2.200000047683716%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22beauty%2Ccontests%2Ccoupons%2Cdeals%2Cfashion%2Cgiveaways%2Cnails%2Csales%2Cshopping%2Cweddings%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22pvuuid%22%3A%5B%22f7b45e1c-6f9f-4680-aa2b-17488febc95b%22%5D%2C%22addir%22%3A%5B%22bh%2F41%2F412%2F412983%2F2498530%22%5D%2C%22site%22%3A%5B%22shefinds%22%5D%2C%22domain%22%3A%5B%22shefinds.com%22%5D%2C%22urlhash%22%3A%5B%22177546%22%5D%2C%22ci%22%3A%5B%22front%22%5D%2C%22plat%22%3A%5B%22desk%22%5D%2C%22pt%22%3A%5B%22-%22%5D%2C%22schainv10%22%3A%5B%221.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C%22%5D%2C%22browser%22%3A%5B%22Chrome%22%5D%2C%22pageview%22%3A%5B%221%22%5D%2C%22admants%22%3A%5B%22S_11586%22%2C%22S_12972%22%2C%22S_12973%22%2C%22S_4282%22%2C%22S_4283%22%2C%22S_4289%22%2C%22S_4305%22%2C%22S_4307%22%2C%22S_4700%22%2C%22S_6554%22%2C%22S_6555%22%2C%22S_6651%22%2C%22S_6655%22%2C%22S_7003%22%2C%22S_7075%22%2C%22S_8275%22%5D%2C%22adt%22%3A%5B%22veryLow%22%5D%2C%22alc%22%3A%5B%22veryLow%22%5D%2C%22dlm%22%3A%5B%22veryLow%22%5D%2C%22drg%22%3A%5B%22veryLow%22%5D%2C%22hat%22%3A%5B%22veryLow%22%5D%2C%22off%22%3A%5B%22veryLow%22%5D%2C%22vio%22%3A%5B%22veryLow%22%5D%2C%22ias-kw%22%3A%5B%22IAS_3005184_PG%22%2C%22IAS_3005161_PG%22%2C%22IAS_3005111_PG%22%2C%22IAS_3008366_PG%22%2C%22IAS_3007987_PG%22%2C%22IAS_3005069_PG%22%2C%22IAS_3006637_PG%22%2C%22IAS_3005151_PG%22%2C%22IAS_3005175_PG%22%2C%22IAS_3008596_PG%22%2C%22IAS_3005146_PG%22%2C%22IAS_1508023_PG%22%5D%2C%22fr%22%3A%5B%22true%22%5D%2C%22videocodecgroup%22%3A%5B%22all%22%5D%7D%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22permutive%22%3A%5B%2221967%22%2C%2232638%22%2C%2232745%22%2C%2233093%22%2C%2233097%22%2C%2233495%22%2C%2233515%22%2C%2234895%22%2C%2235238%22%2C%2238317%22%2C%2238334%22%2C%2260188%22%2C%2260189%22%2C%2261650%22%2C%2261680%22%2C%2261710%22%2C%2264902%22%2C%2272125%22%2C%2273308%22%2C%2273711%22%2C%2287946%22%2C%2288067%22%2C%2295993%22%2C%2299938%22%2C%22101194%22%2C%22105086%22%2C%22106672%22%2C%22107679%22%2C%22116913%22%2C%22116916%22%2C%22124918%22%2C%22128770%22%2C%22128795%22%2C%22132398%22%2C%22137974%22%2C%22144198%22%2C%22149161%22%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pmc.com%22%2C%22sid%22%3A%221179161%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22prebidVersion%22%3A%227.40.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%2C%22tdID%22%3A%227928e066-76a9-463e-af89-7ce88bea635d%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.shefinds.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.112.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-112-232.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Nbr
505
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
c
prebid.a-mo.net/a/ 		1001 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
5657ab9658059b2a3bded3c90eadb90ccf67bb4ce09965cd45114d6301a76543

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
58
content-length
486
si
googleads.g.doubleclick.net/pagead/drt/ Frame A8E0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
URL: https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
Mon, 04 Sep 2023 02:17:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
headerstats
as-sec.casalemedia.com/ Frame 4FCA 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4FCA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsNGvkHwX5hmU-xkgFUm6EiYYIV-jsuXgSzwlHfiNx2DgvVn39iSHh9UQYCHO3XlUpAy14bJ7r0rH9_Ac5CqPPiVQOKdu0TcWEjWoBisKjNMZ3L3NWwvS3rUcJf-7Kvo-oUYFs3gc_m8xLpYzAaKVslzghjVJ5c6woDr_kPu6jm9jOZaT2H6j9drWmx3ef2_6gZkBEv2b-tDyPp1Y1DEf-XV0Si65Q3aPzpuITc0U4Mn-4Qj2FneSco_5hTXW46FeaiXIzRGIFjes-HSIMQxxvBOxMH8fM4XFhQ-UFKTY1niH7jBbX8p-Lk8Y4eDr5GEHMk3_hSSL2&sai=AMfl-YSbhtucBJSz0v3sy9eshxIkjYnH23CqiwCxLj4ltov0moxP-jnFAmr91YM5zC8AvGJ9my0GdPwqq-DfHXuS-g7EqgO-l4b_dcUWCE1-ZWXv3772aeSoQk5EsBAnMdweajGzYcQy5wweV4yiWFTZRePTXp-dxSXzDfondgmE3Wfi&sig=Cg0ArKJSzEChDbXSErcjEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:17:24 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CM-1zMT71ZOjQB9DtzwWRrbeIBufu7tlynqfppqYRue7wyKoBEAEggMz4HmDJhoCA3KPEEKABocCY8SjIAQngAgCoAwHIA8sEqgT3AU_QlUB74lYTEMV_APu0u8zW72W40bzIwciDV9RK4WRwSAbT7eCJnHEtaCFsmtzmcfMxMls_tVhyujDdnuUa3mj59W32EiedvEDizeFJAUvLiXL1MRBT-feRjzTOTqUdgvZsVunbl2PJNr9NYQy5goPGCKXWZOOSHmFogF2oTpiBdtJv9wEYut1OqvRWbjWvXFAFro2K7jL5ri2eyy51nWDZFsyURXzwU2xWPihNcKy7CRoJN9q_8qABU7mo201WO1CQbEWQ_0F4uj5Zl1LmAjdOeYqyRBY5vHIKqnhF3l8EeoEpVmNpljL2kbTBW1HxDlRubAs-0bTABK3y3OGuBOAEAYgFptuOikuSBQQIBBgBkgUECAUYBKAGLoAHjvC4ngSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQjoAm0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTM1MTIwMDI5Nzg2NjIyNzOaCf4BaHR0cHM6Ly93d3cudGVtdS5jb20va3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0yMTF-ZW5-VVNEJmdvb2RzX2lkPTYwMTA5OTUxNTg3NTI4NiZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2QzMjY5MTMtMSZ0b3BpY19jbGFzc2lmeT0xMjCACgPICwHaDBEKCxDAp9vyndHziswBEgIBA9gTDNAVAYAXAbIXHgocCAASFHB1Yi05NDg5NjIxNzU1NjA1MzQ4GL7DEg&sigh=NbeH0_FG1dU&uach_m=[UACH]&ase=2&cid=CAQSXgBpAlJWHLdkgd4HpCQ4CatwUr1uXqGj84qxebsFFVR-3PdjH44hlqWu3jHUonlQd6X2P2a_TnLiN21ngUr0sIHF9n4WKh2bHGMZ8zXgM4GfaXsywgJQlVC0X20nYG0YAQ&template_id=494&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 30F8
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CM-1zMT71ZOjQB9DtzwWRrbeIBufu7tlynqfppqYRue7wyKoBEAEggMz4HmDJhoCA3KPEEKABocCY8SjIAQngAgCoAwHIA8sEqgT3AU_QlUB74lYTEMV_APu0u8zW72W40bzIwciDV9RK...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc2efdb6aeda07fb0000000000000000%22,%222%22:%220xa278e52a2e87ce040000000000000000%22,%223%22:%220xc2fe126...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc2efdb6aeda07fb0000000000000000%22,%222%22:%220xa278e52a2e87ce040000000000000000%22,%223%22:%220xc2fe126f530a7ebe0000000000000000%22,%224%22:%220x4912f5c659c5fbed0000000000000000%22,%225%22:%220xf3133837edf98f40000000000000000%22},%22debug_key%22:%2212298511281680659660%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215981831421006668529%22}&andc=true
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xc2efdb6aeda07fb0000000000000000","2":"0xa278e52a2e87ce040000000000000000","3":"0xc2fe126f530a7ebe0000000000000000","4":"0x4912f5c659c5fbed0000000000000000","5":"0xf3133837edf98f40000000000000000"},"debug_key":"12298511281680659660","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"15981831421006668529"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:17:24 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc2efdb6aeda07fb0000000000000000","2":"0xa278e52a2e87ce040000000000000000","3":"0xc2fe126f530a7ebe0000000000000000","4":"0x4912f5c659c5fbed0000000000000000","5":"0xf3133837edf98f40000000000000000"},"debug_key":"12298511281680659660","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"15981831421006668529"}&andc=true
access-control-allow-origin
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie_sync
prebid-server.rubiconproject.com/ Frame 4FCA 		3 KB
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f7addfd87b1d5a526dafe6a4dc5030b68fde7c154ce070d3e6decc7a74c61215

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
630
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 4FCA 		218 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
73f9ef3e9080ff8604eb6ea5c772fb0e0a852870c26237ec820fba97fe222a6b

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
193
Expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 4FCA 		36 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=473696
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
338b5c4c1b11fe592414842a27604a9f395a0dd5a11e355df715aa63fc39a6c6

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5A4v4sgQUALoANYZm%2BIk%2FftP795%2FzfYagaBrFil1Hkc9O1LNzMSGj%2BthuhVWn69DhFb2B7%2BrmxLdLKZ%2BU5fNthbb3lDnjE4dSTY8JQQnVl8rK6%2BXrFQKULa5gQKmtXSw1kWTSQin"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012bc66b8c0d9c9-MIA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4FCA 		809 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=2&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=7928e066-76a9-463e-af89-7ce88bea635d&eid_adserver.org=7928e066-76a9-463e-af89-7ce88bea635d&rf=https%3A%2F%2Fwww.shefinds.com%2F&kw=beauty%2Ccontests%2Ccoupons%2Cdeals%2Cfashion%2Cgiveaways%2Cnails%2Csales%2Cshopping%2Cweddings&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2F&tg_i.domain=shefinds.com&tg_i.bidtype=post&tg_i.permutive=21967%2C32638%2C33097%2C34895%2C35238%2C38317%2C38334%2C60188%2C61650%2C61680%2C73711%2C101194%2C106672%2C107679%2C116913%2C116916%2C128770%2C128795%2C149161%2C21967%2C32638%2C32745%2C33093%2C33097%2C33495%2C33515%2C34895%2C35238%2C38317%2C38334%2C60188%2C60189%2C61650%2C61680%2C61710%2C64902%2C72125%2C73308%2C73711%2C87946%2C88067%2C95993%2C99938%2C101194%2C105086%2C106672%2C107679%2C116913%2C116916%2C124918%2C128770%2C128795%2C132398%2C137974%2C144198%2C149161&tg_i.vertical=fashion&tg_i.vertical1=fashion&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fframe2%2Fskm-ad-frame2&tk_flint=pbjs_lite_v7.40.0&x_source.tid=99dc7055-c951-4c38-bdb8-5dc68b6126f2&l_pb_bid_id=6364c9930dfa6e&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fframe2%2Fskm-ad-frame2&slots=1&rand=0.6434635399870388
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
216cc48cb3d89f1595a155e98553a666247286de5ada97e7c41abd0c9365abb9

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
809
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 4FCA 		24 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
7d829d2d844dc38695405989060d5cd8860790f0d8dce4086d7bed317cd2f3b2

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:17:24 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame 4FCA 		19 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
39c2aec4-2ec4-47e9-b9ff-b8d31e5a595d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
pagead2.googlesyndication.com/bg/ Frame 7C0E 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 19:45:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
23487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Sep 2024 19:45:57 GMT
sync
eb2.3lift.com/ Frame 90AC 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
55cf937d853c81c76530517d51f43d473429c9b6fdc5b167cb0e0d978ab519a3

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1287
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2460 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
70925
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:24 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
993, 187400
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760072-MIA
X-Timer
S1693793844.349707,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 607E 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
24
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012bc66ce92336d-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
Mon, 04 Sep 2023 06:17:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 7975 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=abr5b581693793840611&usPrivacy=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.4.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-4-96.compute-1.amazonaws.com
Software
/
Resource Hash
90abdccf7edd3fc5c6ca012e94b188de62c1282c19d1c12d594acf64a8351f9b

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:24 GMT
usersync.html
cdn.undertone.com/js/ Frame 0064 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ee00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68112
content-encoding
gzip
content-type
text/html
date
Sun, 03 Sep 2023 07:22:13 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
x-amz-cf-id
oCtFof_KDiKnaaRVDf-qE1tu2AFtSLSRwn6rg6c9TiwOMUE4RV_Bfg==
x-amz-cf-pop
JFK50-P6
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
isyn
prebid.a-mo.net/ Frame 3275 		959 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=_e%3DCrcBShB3d3cuc2hlZmluZHMuY29tUgthYXMtNWI4NDI0NVoIcGJhMS4zLjJqEHd3dy5zaGVmaW5kcy5jb236AQY3LjQwLjDoAgGIA7D81KcGqANA6gMkZjNlY2U4NDYtMDdhZC00ZTA1LThkMjctZDAyOTUzMWJkNGY1qgQDRENIsgUDVVNE0gUEMTEyNtgFAeAFAeoFB2Rlc2t0b3D6BQRkYzEzqgcDd2ViygcMc2hlZmluZHMuY29t
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
0df0c4ef7a90513c1de5be1efb1d1a23f42dca9e9491fd9944f6f92710634976

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
438
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:23 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
cs.html
cs.seedtag.com/ Frame D2E3 		51 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92627de3f8247ba3779c04c97da834843cd2ce0f9b8bcbc90d5de669286c1812

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
530
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
8012bc673b6831e0-MIA
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 02:17:24 GMT
etag
W/"2ff9eb522fbbcad21bb6774305a2a0c2"
expires
Tue, 05 Sep 2023 02:17:24 GMT
last-modified
Mon, 17 Jul 2023 13:43:40 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1689601420843860
x-goog-hash
crc32c=DckRUw== md5=L/nrUi+7ytIbtndDBaKgwg==
x-goog-metageneration
2
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
15461
x-guploader-uploadid
ADPycdsTp4pmidkzImKuDETC4gFvwJ-UKWrsPr1uBu69-BZrC-Amx8GLW66JD38jTQVna32sb5F-4ItHB8o_X9YpPjrdQ5Vyiehh
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0038 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
70925
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:24 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
993, 186103
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760058-MIA
X-Timer
S1693793844.360579,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame A00C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 4F99 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
24
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012bc66deae336d-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
Mon, 04 Sep 2023 06:17:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
ibs:dpid=903&dpuuid=7928e066-76a9-463e-af89-7ce88bea635d
dpm.demdex.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=7928e066-76a9-463e-af89-7ce88bea635d
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=7928e066-76a9-463e-af89-7ce88bea635d
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Server
52.5.117.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-117-77.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0de7e7de3.edge-va6.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
iz4ou7pIQcs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=7928e066-76a9-463e-af89-7ce88bea635d
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_db626397-f440-4bdf-8b4a-d5a003334797&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAEzzU7J6nwAACbk4ScR2w&id5AccountNum=155&numCascadesAllowed=9
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?puid=AAEzzU7J6nwAACbk4ScR2w&id5AccountNum=155&numCascadesAllowed=9
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?puid=AAEzzU7J6nwAACbk4ScR2w&id5AccountNum=155&numCascadesAllowed=9
Date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
10.gif
id5-sync.com/c/441/1242/0/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_ba28544a-ba89-4c0f-880d-1f5015d18911&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/8/2.gif?puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAEzzU7J6nwAACbk4ScR2w&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F6%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/1241/6/4.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F4%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/441/796/4/6.gif?puid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAEzzU7J6nwAACbk4ScR2w&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/1241/3/7.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F2%2F8.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/203/2/8.gif?puid=6b3993bb-7262-427d-8897-2ad913a7b869&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAEzzU7J6nwAACbk4ScR2w&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/1241/1/9.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D...
  • https://id5-sync.com/c/441/1242/0/10.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/441/1242/0/10.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/441/1242/0/10.gif?puid=HQzJeBZHuGCrpGR8Q52pzqdh&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/441/796/8/2.gif?puid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F6%2F4.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/6/4.gif?puid=d28fcfe5-3705-4821-8ffc-49f439ce1b44&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/4/6.gif?puid=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%%
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F2%2F8.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/203/2/8.gif?puid=6b3993bb-7262-427d-8897-2ad913a7b869&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%%
  • https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&consent=&id5id=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
49 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&consent=&id5id=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-192
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=7928e066-76a9-463e-af89-7ce88bea635d&gdpr=0&consent=&id5id=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
date
Mon, 04 Sep 2023 02:17:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
9.gif
id5-sync.com/c/1173/796/0/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_0527843c-eb64-4ee8-996b-b7931f16ad27&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%%
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F796%2F2%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consen...
  • https://id5-sync.com/c/1173/796/2/7.gif?puid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F203%2F1%2F8.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/1173/203/1/8.gif?puid=6b3993bb-7262-427d-8897-2ad913a7b869&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F796%2F0%2F9.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consen...
  • https://id5-sync.com/c/1173/796/0/9.gif?puid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/1173/796/0/9.gif?puid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 04 Sep 2023 02:17:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/1173/796/0/9.gif?puid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&gdpr=0&gdpr_consent=
Date
Mon, 04 Sep 2023 02:17:26 GMT
Connection
keep-alive
X-CI-RTID
9d2e35ee-234a-433b-943c-c79b16aac669
Content-Length
133
Content-Type
text/html; charset=utf-8
9.gif
id5-sync.com/c/1173/441/0/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_548f6681-f31c-4651-8513-e46920dfb6f1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%%
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1173%2F124%2F2%2F7.gif%3Fpuid%3...
  • https://id5-sync.com/cq/1173/124/2/7.gif?puid=d28fcfe5-3705-4821-8ffc-49f439ce1b44&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/1173/429/1/8.gif?puid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F441%2F0%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/1173/441/0/9.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/1173/441/0/9.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 04 Sep 2023 02:17:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/c/1173/441/0/9.gif?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:17:26 GMT
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
/
www.googleadservices.com/pagead/ar-adview/ Frame DAF4
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CxTuPMT71ZObQB9DtzwWRrbeIBufu7tlynqfppqYRue7wyKoBEAEggMz4HmDJhoCA3KPEEKABocCY8SjIAQbgAgCoAwHIA8MEqgT0AU_QfRhLY_z80Bw1y5O0UjFMm6t9GjzwJJ3tHR5Y...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc2efdb6aeda07fb0000000000000000%22,%222%22:%220xa278e52a2e87ce040000000000000000%22,%223%22:%220xc2fe126...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc2efdb6aeda07fb0000000000000000%22,%222%22:%220xa278e52a2e87ce040000000000000000%22,%223%22:%220xc2fe126f530a7ebe0000000000000000%22,%224%22:%220x4912f5c659c5fbed0000000000000000%22,%225%22:%220xf3133837edf98f40000000000000000%22},%22debug_key%22:%227456045907539866766%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210080939116944098913%22}&andc=true
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H3
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xc2efdb6aeda07fb0000000000000000","2":"0xa278e52a2e87ce040000000000000000","3":"0xc2fe126f530a7ebe0000000000000000","4":"0x4912f5c659c5fbed0000000000000000","5":"0xf3133837edf98f40000000000000000"},"debug_key":"7456045907539866766","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"10080939116944098913"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:17:24 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc2efdb6aeda07fb0000000000000000","2":"0xa278e52a2e87ce040000000000000000","3":"0xc2fe126f530a7ebe0000000000000000","4":"0x4912f5c659c5fbed0000000000000000","5":"0xf3133837edf98f40000000000000000"},"debug_key":"7456045907539866766","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"10080939116944098913"}&andc=true
access-control-allow-origin
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxTuPMT71ZObQB9DtzwWRrbeIBufu7tlynqfppqYRue7wyKoBEAEggMz4HmDJhoCA3KPEEKABocCY8SjIAQbgAgCoAwHIA8MEqgT0AU_QfRhLY_z80Bw1y5O0UjFMm6t9GjzwJJ3tHR5YBeZ_LUhqJhR1ttIxyu-tdyMoLucRxeKdz3WOt3kSNN_v9cA97j0OGkyc3OJeJgZqy1QZvX6ahyYKPKRBPLue8we9AJTQlP7y3xVMZWYGuRBsSPeNaJ3WEjAu15eRYDIlwow0fVjbYYxV7JdEp_eD9BtFxYDK0agudXbHxnjph5PPIBrWIP4X_QWLJJOp28k5YI-r2EH4GJM1-560CTHRnjgmSqlXLL7A6GSgZrZ78SNxnJrrzFK2Zzd5KHvGosplFQSvWNfwqHT8EtaryfI7rnigFRy8s9vABK3y3OGuBOAEAYgFptuOikuSBQQIBBgBkgUECAUYBKAGN4AHjvC4ngSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQuvFO0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTM1MTIwMDI5Nzg2NjIyNzOaCf4BaHR0cHM6Ly93d3cudGVtdS5jb20va3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0yMTF-ZW5-VVNEJmdvb2RzX2lkPTYwMTA5OTUxNTg3NTI4NiZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2QzMjY5MTMtMSZ0b3BpY19jbGFzc2lmeT0xMjCACgPICwHaDBEKCxCg5OGJr9OjiIYBEgIBA9gTDNAVAYAXAbIXHgocCAASFHB1Yi05NDg5NjIxNzU1NjA1MzQ4GL7DEg&sigh=kWrlHzAEEjQ&uach_m=[UACH]&ase=2&cid=CAQSXgBpAlJWHLdkgd4HpCQ4CatwUr1uXqGj84qxebsFFVR-3PdjH44hlqWu3jHUonlQd6X2P2a_TnLiN21ngUr0sIHF9n4WKh2bHGMZ8zXgM4GfaXsywgJQlVC0X20nYG0YAQ&template_id=493&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
outstream-creative.js
ads.blogherads.com/static/ Frame ABCD 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/outstream-creative.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/float-and-scroll-chunk.6fa48da8dfa673bb496a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2185bec7021207aafdae627f04944bdf4da8c35d27a54c0dce4ffad77259083

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
SF70PDGSHCHQXPJJ
age
1020
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
nODQL0pdkY5zadxXJb186pGu9y6IerNnILjPcoorhquSfTvhYO9MuJ4T/FHGx3ZKfgfegVQV92I=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:30 GMT
x-timer
S1693793844.321525,VS0,VE0
etag
W/"062d239a01e8a33fd7731ee6d55541b6"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
25
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:24 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:24 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
sync
eb2.3lift.com/ Frame E239 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
9d3889e9ff7a755ef2eb6446d73279f2382d2fe6ea2ecb2827cffef9029de170

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1453
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
xuid
eb2.3lift.com/ Frame 90AC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7928e066-76a9-463e-af89-7ce88bea635d&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7928e066-76a9-463e-af89-7ce88bea635d&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7928e066-76a9-463e-af89-7ce88bea635d&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 90AC
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 90AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGJ9ndNU06XGIuOwvzt_ovs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGJ9ndNU06XGIuOwvzt_ovs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGJ9ndNU06XGIuOwvzt_ovs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 90AC
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 90AC 		0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3934349205523529802736&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D4214E6642534D5BB8F8D0707602CCD8 Ref B: MIAEDGE2008 Ref C: 2023-09-04T02:17:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEfxxsSg4mMpTbpRJO5w==
xuid
eb2.3lift.com/ Frame 90AC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3934349205523529802736&gdpr=0&gdpr_consent=
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=e8def573-4079-4fed-a230-54596150311f&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=triplelift&bsw_param=e8def573-4079-4fed-a230-54596150311f
  • https://eb2.3lift.com/xuid?mid=2409&xuid=e8def573-4079-4fed-a230-54596150311f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=e8def573-4079-4fed-a230-54596150311f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=e8def573-4079-4fed-a230-54596150311f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 04 Sep 2023 02:17:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 90AC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3934349205523529802736?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-oeTwoP5E2oQirhVxJIMp6LtveIKWIs8IMiJStnUJJw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-oeTwoP5E2oQirhVxJIMp6LtveIKWIs8IMiJStnUJJw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-oeTwoP5E2oQirhVxJIMp6LtveIKWIs8IMiJStnUJJw--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame 90AC 		42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3934349205523529802736&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:23 GMT
last-modified
Wed, 30 Aug 2023 15:12:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 672A74BE709E4F2FAD8251AEB04F2834 Ref B: MIAEDGE2512 Ref C: 2023-09-04T02:17:24Z
etag
"3370fe5b54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 90AC
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=6b3993bb-7262-427d-8897-2ad913a7b869&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=6b3993bb-7262-427d-8897-2ad913a7b869&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:23 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=6b3993bb-7262-427d-8897-2ad913a7b869&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2084316
content-length
0
expires
Mon, 04 Sep 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 90AC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4011881537103642354&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4011881537103642354&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
dbfa190c-a715-4603-acd1-d81030c0f60c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=4011881537103642354&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cframe.js
assets.a-mo.net/js/ Frame 3275 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=_e%3DCrcBShB3d3cuc2hlZmluZHMuY29tUgthYXMtNWI4NDI0NVoIcGJhMS4zLjJqEHd3dy5zaGVmaW5kcy5jb236AQY3LjQwLjDoAgGIA7D81KcGqANA6gMkZjNlY2U4NDYtMDdhZC00ZTA1LThkMjctZDAyOTUzMWJkNGY1qgQDRENIsgUDVVNE0gUEMTEyNtgFAeAFAeoFB2Rlc2t0b3D6BQRkYzEzqgcDd2ViygcMc2hlZmluZHMuY29t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75923de2a993785ccab38a3f2766e0ef00649c91bce9c3373ea78fa40dcf68f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 cf3d1f97e96a04720e63ac8b1955ac3e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
451
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 17 Aug 2023 16:18:48 GMT
server
cloudflare
etag
W/"bf90df713e5e01906e68ba8a50b132d3"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
8012bc67f97e3376-MIA
x-amz-cf-id
z7OD7xqbX0Z38hfMP3uG7QN8qrIuhpkwcBZ3dcCHOHJPdWSGYvkvZg==
expires
Mon, 04 Sep 2023 03:17:24 GMT
usync.js
eus.rubiconproject.com/ Frame A00C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:24 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58751
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
xuid
eb2.3lift.com/ Frame E239
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7928e066-76a9-463e-af89-7ce88bea635d&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7928e066-76a9-463e-af89-7ce88bea635d&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7928e066-76a9-463e-af89-7ce88bea635d&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame E239
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame E239
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGJ9ndNU06XGIuOwvzt_ovs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGJ9ndNU06XGIuOwvzt_ovs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGJ9ndNU06XGIuOwvzt_ovs&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E239
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzkzNDM0OTIwNTUyMzUyOTgwMjczNg%3D%3D
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame E239 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3934349205523529802736&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: CE1C471A5D9840F587D63B8938A87B3F Ref B: MIAEDGE2008 Ref C: 2023-09-04T02:17:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEfxxtHdEYIReh8pHurA==
xuid
eb2.3lift.com/ Frame E239
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3934349205523529802736&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e8def573-4079-4fed-a230-54596150311f&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10599855045206035720&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2409&xuid=e8def573-4079-4fed-a230-54596150311f&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=e8def573-4079-4fed-a230-54596150311f&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=e8def573-4079-4fed-a230-54596150311f&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 04 Sep 2023 02:17:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame E239
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3934349205523529802736?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-oeTwoP5E2oQirhVxJIMp6LtveIKWIs8IMiJStnUJJw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-oeTwoP5E2oQirhVxJIMp6LtveIKWIs8IMiJStnUJJw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-oeTwoP5E2oQirhVxJIMp6LtveIKWIs8IMiJStnUJJw--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame E239 		42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3934349205523529802736&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:23 GMT
last-modified
Wed, 30 Aug 2023 15:12:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E344E688DB104B87BE141B0007346178 Ref B: MIAEDGE2512 Ref C: 2023-09-04T02:17:24Z
etag
"3370fe5b54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame E239
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=6b3993bb-7262-427d-8897-2ad913a7b869&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=6b3993bb-7262-427d-8897-2ad913a7b869&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:23 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=6b3993bb-7262-427d-8897-2ad913a7b869&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1290682
content-length
0
expires
Mon, 04 Sep 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame E239
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4011881537103642354&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4011881537103642354&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
a3f12eff-6df5-445e-a145-57d3186829b5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=4011881537103642354&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame E239 		0
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=3934349205523529802736
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
usersync.php
ssp.api.tappx.com/cs/ Frame 8CBE 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
aa4c0bd79e703c76a78d6f787f26f5beaa7a9460b576beab23cd67264979b73f

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:24 GMT
server
nginx
transfer-encoding
chunked
usermatch
ssum-sec.casalemedia.com/ Frame 10F2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
a70b348fae8d26cd3fb5ee58ebb8e93f916f699ab73827d3693d41736c2672b5

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1660
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:24 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
jp
rtb.gumgum.com/usync/ Frame A6E0 		2 KB
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=abr5b581693793840611&usPrivacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.203.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-203-164.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3e4b92c625d504bbb58351b21b455c730169ce7d710635c504a3f2f2498230b0

Request headers

Referer
https://pre.ads.justpremium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 04 Sep 2023 02:17:24 GMT
etag
W/"01e2c05930f1d4742b95c635af781ff24"
server
nginx
timing-allow-origin
*
gg
match.justpremium.com/match/ Frame 7975
Redirect Chain
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&us_privacy=1---
  • https://match.justpremium.com/match/gg?jp_uid=r-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036&ex_uid=u_5acc3aaa-1709-48bc-996d-7993392c2d49
43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/gg?jp_uid=r-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036&ex_uid=u_5acc3aaa-1709-48bc-996d-7993392c2d49
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=abr5b581693793840611&usPrivacy=1---
Protocol
H2
Server
44.217.4.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-4-96.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pre.ads.justpremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://match.justpremium.com/match/gg?jp_uid=r-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036&ex_uid=u_5acc3aaa-1709-48bc-996d-7993392c2d49
date
Mon, 04 Sep 2023 02:17:24 GMT
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
6.9a16801caca75de51f76.js
ads.blogherads.com/static/chunks/ Frame ABCD 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/6.9a16801caca75de51f76.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/outstream-creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eaef5512d357749b8b67afcbc14f1f8142782d78b2bc63a45a3743b724499296

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
XYY7B31CR3PED0Q5
age
1020
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
NY9soRzOE3GkaB7ScGJ49X7nHQmqmX32KBfSYsEzG0zUg2nblZ/wF2rCq0nrVyCFRooKAugIlw4=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793844.475065,VS0,VE0
etag
W/"9a0dc0236a0f23dbc45173c0327da9a5"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
30
7.37b48ce6bb747213c697.js
ads.blogherads.com/static/chunks/ Frame ABCD 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/7.37b48ce6bb747213c697.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/outstream-creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f55c81bdb3f78501328d113278a91beca92f5743976b7df7f57f1a6c20c8cb9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
XYY680XF3FEA5MJY
age
1020
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
FvJlEfZTp2/03sBwmgipSnvdxb3GyOsNYr9/4hCQgzRBpFCJm2f9M3q30Z/h/TEUP9gaQpkh5Oo=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793844.475003,VS0,VE0
etag
W/"bd4532813580d7940222ba535b06fdfa"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
30
36.bfd587a3f8b4f9fdee8d.js
ads.blogherads.com/static/chunks/ Frame ABCD 		943 B
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/36.bfd587a3f8b4f9fdee8d.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/outstream-creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e69f5fc00bc8a4343aaa025e8c9ce3345ef0ddc644e5e06f5b91dcb1c0c3c36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
XYY8ZAKGQ89FAB23
age
1020
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
Wp41ZfN071tUE4HiWVTbFMASsUGM/wA5Ib11444MG0YX+ITEMsTXaemgOaMTB7Ud7jxK3+bMa+c=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693793844.474987,VS0,VE0
etag
W/"0d530e3b44970dc7e69cd9b2518d4191"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
31
boomerang-client.js
ads.blogherads.com/static/ Frame ABCD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/boomerang-client.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/outstream-creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c4a478f209dddd433c1849f661b71160f14ad996c9c075e5f4b7fbeb21d1bf0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
G64VNSRXBNNP2J7K
age
1020
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
js00xV2yEyoUbw/5Yf82mWQtvoC3B6FX8NqZM7hC3H2QGJLiV2Xu006LnQkcjb5ZIpgZbTilwgM=
x-served-by
cache-mia-kmia1760062-MIA
last-modified
Fri, 01 Sep 2023 00:04:30 GMT
x-timer
S1693793844.474974,VS0,VE0
etag
W/"f4b7dbaeb313299eb47e0873bc496740"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
34
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame ABCD 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/outstream-creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125515
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:17:24 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 745F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
7dc50716723eb12ba92695f77b6aec2c18621b2126c280a6fd27d1f124af1d64

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1733
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:24 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame EE8F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 0064
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b787e5ce-4065-0cf1-25cb-76bdb7170fd2
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b787e5ce-4065-0cf1-25cb-76bdb7170fd2
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
lFVaalj2MfSVR_MfAUd2tzFRoJsRkbExuedtTgQ80_fgRKdYiqXqMQ==

Redirect headers

date
Mon, 04 Sep 2023 02:17:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=b787e5ce-4065-0cf1-25cb-76bdb7170fd2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 0064
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-MjJj8ERE2uG26LattTglFSDPccItfil4~A
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-MjJj8ERE2uG26LattTglFSDPccItfil4~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
cNbtC5XQX_yp2uAgKlcXt7DO0ag83ieEK9sccddwMvGADsYPJSBkzw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-MjJj8ERE2uG26LattTglFSDPccItfil4~A
date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 0064
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=1696385844
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=1696385844
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
2nFoh5vJxypkYrbMVlVOaFG2pfKzyfn7wVXiIYAqIivlk4VfaRc9FA==

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=1696385844
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
249
sync
usr.undertone.com/userPixel/ Frame 0064
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
-uA8mfgBSgZNO8v39W7s9_s1GJx905Lpbpv04PjE5NUa3fXdRwHJ7w==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM494BTJ-1P-8OPA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
Expires
0
sync
usr.undertone.com/userPixel/ Frame 0064
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D546B0175-D6AA-46B9-A0AD-C2A930BF5276
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
zpf-aFUXQtpWSyucKU2GDdudclYMUAc65kVQMY1640BIO9P6afhz_Q==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
date
Sun, 03 Sep 2023 21:07:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 0064
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
zaeogqoYZpM38uIC2rmUNq0WplomgG-5fS4RyJja_Ga4EjOVLTdrng==

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:23 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 0064
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
5JmK4eUfAb-It7MsKt6ikkQetyv8OzwtN19_syS-e_feSBrOOFI2Dg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame 0064 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=492e50f022874344a9db824ccc7e44c3
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.12.2 Montreal, Canada, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-12-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 04 Sep 2023 02:17:24 GMT
ibs:dpid=152416&dpuuid=4bywjpflk0hcx6zrrym79v937
dpm.demdex.net/ Frame 0064 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=4bywjpflk0hcx6zrrym79v937
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.117.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-117-77.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0efad31d8.edge-va6.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
k4jFSO1CS7I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame 0064 		62 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=4bywjpflk0hcx6zrrym79v937
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.8.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-8-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 04 Sep 2023 02:17:24 GMT
content-length
62
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame 0064
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=4bywjpflk0hcx6zrrym79v937
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPB-au-2J0mhh3YOehAXjCI&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPB-au-2J0mhh3YOehAXjCI&google_cver=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPB-au-2J0mhh3YOehAXjCI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 0064 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=4bywjpflk0hcx6zrrym79v937
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.94.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-94-1.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
beacon-n038-ash-prod.krxd.net
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=20 t=1693793844
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync
ib.adnxs.com/ Frame 2460 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
ddc88768-b863-4bb8-ac88-46a325a73347
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f015707db8b8dcfa10523f5dc3c1a93958c6a1091afe03404ed220b06ac2c981

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
async_usersync
ib.adnxs.com/ Frame 0038 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
0c1e5ad7-37d4-4398-bb3e-7803c3fd3fd1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
pagead2.googlesyndication.com/bg/ Frame 2972 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 19:45:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
23487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Sep 2024 19:45:57 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 54FE 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
8a00ac8a5c7143c96bd8dc1fb358903c7cb48345d0bc4acc45188e531595cba2

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1509
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:24 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc2efdb6aeda07fb0000000000000000%22,%222%22:%220xa278e52a2e87ce040000000000000000%22,%223%22:%220xc2fe126f530a7ebe0000000000000000%22,%224%22:%220x4912f5c659c5fbed0000000000000000%22,%225%22:%220xf3133837edf98f40000000000000000%22},%22debug_key%22:%2212298511281680659660%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215981831421006668529%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc2efdb6aeda07fb0000000000000000%22,%222%22:%220xa278e52a2e87ce040000000000000000%22,%223%22:%220xc2fe126f530a7ebe0000000000000000%22,%224%22:%220x4912f5c659c5fbed0000000000000000%22,%225%22:%220xf3133837edf98f40000000000000000%22},%22debug_key%22:%227456045907539866766%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210080939116944098913%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame A6E0
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4011881537103642354
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4011881537103642354
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
f51b3cb7-765b-4423-afc4-f6cd9edb232d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A6E0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e809844b-aeaa-4e32-a1cb-4bc5246812a0&ssp=gumgum2&expires=30&user_group=5&bsw_param=e8def573-4079-4fed-a230-54596150311f
  • https://usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame A6E0
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&obuid=ENC(313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26ob...
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&obUid=313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO&gdpr=0&gdpr_consent=$CON...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=centro&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&obUid=313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
no-cache
X-TraceId
b08b5df7127c93645c69c830927b9310
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.outbrain.com/cookie-sync?p=centro&uid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&obUid=313dKssAclANv5-C39Ri45BIkcR5gONliu0IIbpnFmFVHTR6tgolVWMPlmgOPMeO&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
usersync
usersync.gumgum.com/ Frame A6E0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame A6E0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76
Date
Mon, 04 Sep 2023 02:17:24 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame A6E0
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-q_GnEVZE2pelL9NY_GB_BwR3tHSl_dfnzKS_~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-q_GnEVZE2pelL9NY_GB_BwR3tHSl_dfnzKS_~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-q_GnEVZE2pelL9NY_GB_BwR3tHSl_dfnzKS_~A
content-length
0
usersync
usersync.gumgum.com/ Frame A6E0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Date
Mon, 04 Sep 2023 02:17:24 GMT
Connection
keep-alive
X-CI-RTID
eb8702e0-c034-4862-8576-de8063768c60
Content-Length
108
Content-Type
text/html; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame A4F4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3533329&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0a2c97c9c66867b38ceb5b388b82a9cedad85cc5c69902e39fcd252920f17581

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 04 Sep 2023 02:17:23 GMT
content-length
1973
content-type
text/html; charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame 3EEF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server
AkamaiGHost
CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame 3D27 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:59::17d5:9e14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:24 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified
Tue, 22 Feb 2022 09:59:55 GMT
Server
AkamaiNetStorage
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A14F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102119
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame D4F0
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1&rd=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1&rd=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
16453d1eb8a63332323217cae56bb238a2845b08e4ded3caee22de5570e53cce

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:13:23 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:13:23 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4
/
hde.tynt.com/deb/ Frame 4118
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
fc81f0880968fe947bc60e44051dfcdf4f4a6c7153ac0985367712802730b68c

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1607
content-type
text/html
date
Mon, 04 Sep 2023 02:17:23 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 04 Sep 2023 02:17:23 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
isync
visitor.omnitagjs.com/visitor/ Frame DD15 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
8133bf08d9f33d3371c8cbc9eee39dd5f34736630529a87bf0a50661f6200164
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1470
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
5
/
onetag-sys.com/usync/ Frame 1568 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75601b04186d260
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sharethrough
s.seedtag.com/cs/cookiesync/ Frame 462C
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Sep 2023 02:17:24 GMT
server
openresty
via
1.1 google

Redirect headers

content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
pulsepoint
s.seedtag.com/cs/cookiesync/ Frame 7660
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=zgn5cAUresle&ev=1&us_privacy=1---&pid=562983
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=zgn5cAUresle&ev=1&us_privacy=1---&pid=562983
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Sep 2023 02:17:24 GMT
server
openresty
via
1.1 google

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-cdb79dd64-5zghb
expires
-1
location
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=zgn5cAUresle&ev=1&us_privacy=1---&pid=562983
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
s
s.seedtag.com/cs/st/ Frame D2E3 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/st/s
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
appnexus
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=4011881537103642354
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=4011881537103642354
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
89f906e6-eea7-47d6-ba07-d9d815f2e8ac
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
smart
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=1869577055167662355
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/smart?channeluid=1869577055167662355
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/smart?channeluid=1869577055167662355
date
Mon, 04 Sep 2023 02:17:24 GMT
content-length
0
outbrain
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOONSWKZDUMFTS4Y3PNUXWG4ZPMNXW623JMVZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOONSWKZDUMFTS4Y3PNUXWG4ZPMNXW623JMVZXS3TDF5XXK5DCOJQWS3R7MNUGC3TOMVWHK2LEHVYEU6SRG5LUSOCRNU4XMV2RIFWE242MOATGK6DDNBQW4Z3FHVZWK...
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=pJzQ7WI8Qm9vWQAlMsLp&gdpr=0&us_privacy=1---
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=pJzQ7WI8Qm9vWQAlMsLp&gdpr=0&us_privacy=1---
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=pJzQ7WI8Qm9vWQAlMsLp&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ttd
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=7928e066-76a9-463e-af89-7ce88bea635d
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=7928e066-76a9-463e-af89-7ce88bea635d
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=7928e066-76a9-463e-af89-7ce88bea635d
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
205
Bidswitch
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2940fdbe-e48c-4339-a0ac-04f2fd9d5fc9&user_group=1&ssp=seedtag&bsw_param=e8def573-4079-4fed-a230-54596150311f
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
//s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
partner
sync.search.spotxchange.com/ Frame D2E3 		0
0
/
sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/ Frame D2E3
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=7928e066-76a9-463e-af89-7ce88bea635d
95 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=7928e066-76a9-463e-af89-7ce88bea635d
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:13:23 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=7928e066-76a9-463e-af89-7ce88bea635d
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
partner
sync.search.spotxchange.com/ Frame D2E3 		0
0
improvedigital
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=d28fcfe5-3705-4821-8ffc-49f439ce1b44
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=d28fcfe5-3705-4821-8ffc-49f439ce1b44
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=d28fcfe5-3705-4821-8ffc-49f439ce1b44
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:24 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexexchange
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
verizon
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58427/occ
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
adform
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/adform?channeluid=3547929380008100760
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/adform?channeluid=3547929380008100760
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/adform?channeluid=3547929380008100760
date
Mon, 04 Sep 2023 02:17:36 GMT
server
nginx
content-length
0
content-type
text/plain
sovrn
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=HQzJeBZHuGCrpGR8Q52pzqdh
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=HQzJeBZHuGCrpGR8Q52pzqdh
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date
Mon, 04 Sep 2023 02:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=HQzJeBZHuGCrpGR8Q52pzqdh
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
openx
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=aeb3dbbf-9971-0447-19d7-dabe2058df30
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/openx?channeluid=aeb3dbbf-9971-0447-19d7-dabe2058df30
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

date
Mon, 04 Sep 2023 02:17:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.seedtag.com/cs/cookiesync/openx?channeluid=aeb3dbbf-9971-0447-19d7-dabe2058df30
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
yeahmobi
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid=
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mka1c417f5f6be44b981c906350ba5cfaf
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mka1c417f5f6be44b981c906350ba5cfaf
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mka1c417f5f6be44b981c906350ba5cfaf
date
Mon, 04 Sep 2023 02:17:24 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
rtbhouse
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=seedtag
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=qa45XtQKCxwmfyBqSHIl&pi=seedtag
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=qa45XtQKCxwmfyBqSHIl&pi=seedtag
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=qa45XtQKCxwmfyBqSHIl&pi=seedtag
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT, Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
opera
s.seedtag.com/cs/cookiesync/ Frame D2E3
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUf145c78f92fa42b288627a33f5e584ec
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUf145c78f92fa42b288627a33f5e584ec
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUf145c78f92fa42b288627a33f5e584ec
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
111
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=c1729f21-84ed-3d2f-45d9-458ec7b0763f&tv=%7Bc:nawPVy,pingTime:-10,time:1221,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTYuMC41ODQ1LjE0MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693793844603%7C%7C185346ba76ab509ad0393afec13cdd57%7C%7C0f286e8f7fa153358c622af13d09b529%7C%7C0e5bfa9e30f72b912ba42c79b78ebb51%7C%7Cb988b873c324bdcca41e715fa53d9ebb%7C%7Cc00bb1d4666314dd561d55fcb396e2fc%7C%7Cda815fccd86aa84805d45c43e61cdada%7C%7C679b34342883a2251fb4ff9fd0612124%7C%7C1663701684,env:%7Bar:self.0%7D%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dd1:ab44:ba2a:c71f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usersync
usersync.gumgum.com/ Frame D1AF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:24 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mia-kmia1760091-MIA
x-timer
S1693793845.709916,VS0,VE0
usync.js
eus.rubiconproject.com/ Frame EE8F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:24 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58751
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
crum
dsum-sec.casalemedia.com/ Frame 10F2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEzzU7J6nwAACbk4ScR2w&expiration=1695003444&us_privacy=1---
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEzzU7J6nwAACbk4ScR2w&expiration=1695003444&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEzzU7J6nwAACbk4ScR2w&expiration=1695003444&us_privacy=1---
Date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 10F2
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709518644&external_user_id=0a80450f-9a45-46a8-b0ba-1e6a38dde008
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709518644&external_user_id=0a80450f-9a45-46a8-b0ba-1e6a38dde008
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709518644&external_user_id=0a80450f-9a45-46a8-b0ba-1e6a38dde008
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 10F2
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&us_privacy=1---
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=30046c42-4ac9-11ee-ba0a-6250e198ad71
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=30046c42-4ac9-11ee-ba0a-6250e198ad71
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=30046c42-4ac9-11ee-ba0a-6250e198ad71
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-3
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 10F2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1---
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=3SV3kkOj1QCZ9y5&us_privacy=1---
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=3SV3kkOj1QCZ9y5&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-00312b0e559821880@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=3SV3kkOj1QCZ9y5&us_privacy=1---
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
index
ids.ad.gt/api/v1/ Frame 10F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/index?cb=https%3A%2F%2Fssum-sec.casalemedia.com%2Fium%3Fsourceid%3D15%26uid%3D&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
crum
dsum.casalemedia.com/ Frame 10F2
Redirect Chain
  • https://match.deepintent.com/usersync/113?us_privacy=1---
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
date
Mon, 04 Sep 2023 02:17:24 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 10F2 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:92c5:57a0:36d6:5a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame 10F2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&us_privacy=1---
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4011881537103642354&us_privacy=1---
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4011881537103642354&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
0c23175c-b327-4abd-a83d-28df8f4e3598
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4011881537103642354&us_privacy=1---
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 10F2 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPU.MAL8NXL8cEAE-8TFkQAA%26938=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
16565
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012bc6a7f443708-MIA
content-length
43
expires
Tue, 05 Sep 2023 02:17:24 GMT
usync
ssp.api.tappx.com/cs/ Frame 8CBE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D32%26type%3Diframe%26id%3D%24UID%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=4011881537103642354&auxuid=
0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=4011881537103642354&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
8838d72e-119a-40a3-89dd-d5a43e98dc9d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=4011881537103642354&auxuid=
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
csync.loopme.me/ Frame 8CBE 		0
0
usync
ssp.api.tappx.com/cs/ Frame 8CBE
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D45%26type%3Diframe%26id%3D%5Bsas_uid%5D%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=45&type=iframe&id=1869577055167662355&auxuid=
0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=45&type=iframe&id=1869577055167662355&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=45&type=iframe&id=1869577055167662355&auxuid=
date
Mon, 04 Sep 2023 02:17:23 GMT
content-length
0
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame 8CBE
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=skJudSCZ30&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D108%26type%3Diframe%26id%3D%5BPDID%5D%26auxuid%3D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1869577055167662355
95 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1869577055167662355
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:13:23 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1869577055167662355
date
Mon, 04 Sep 2023 02:17:25 GMT
content-length
0
789c64f5-3e31-4100-b68c-6bef558fd551
sync.1rx.io/usersync3/mediamathtest/2064/ Frame 8CBE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2064%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=632308182
  • https://sync.1rx.io/usersync3/mediamathtest/2064/789c64f5-3e31-4100-b68c-6bef558fd551?zcc=0&sspret=1
43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/mediamathtest/2064/789c64f5-3e31-4100-b68c-6bef558fd551?zcc=0&sspret=1
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
MT3 1031 59fd23a master iad iad-pixel-x2 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.1rx.io/usersync3/mediamathtest/2064/789c64f5-3e31-4100-b68c-6bef558fd551?zcc=0&sspret=1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Sep 2023 02:17:24 GMT
usync
ssp.api.tappx.com/cs/ Frame 8CBE
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=49574e61&gdpr=&gdpr_consent=&tappx=1
  • https://ssp.api.tappx.com/cs/usync?idmn=80&id=5006350c-a261-44d7-84dd-dbea8f08b6e4
0
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=80&id=5006350c-a261-44d7-84dd-dbea8f08b6e4
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=80&id=5006350c-a261-44d7-84dd-dbea8f08b6e4
date
Mon, 04 Sep 2023 02:17:24 GMT
content-length
0
usync
ssp.api.tappx.com/cs/ Frame 8CBE
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D28%26type%3Diframe%26id%3D%24UID%26auxuid%3D&gdpr=&gdpr_consent=
  • https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=3934349205523529802736&auxuid=
0
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=3934349205523529802736&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=3934349205523529802736&auxuid=
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync
ssp.api.tappx.com/cs/ Frame 8CBE
Redirect Chain
  • https://s.c.appier.net/tappx
  • https://ssp.api.tappx.com/cs/usync?idmn=728&id=s7nypE8-D5-hKIUNNT71ZA
0
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=728&id=s7nypE8-D5-hKIUNNT71ZA
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

date
Mon, 04 Sep 2023 02:17:25 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssp.api.tappx.com/cs/usync?idmn=728&id=s7nypE8-D5-hKIUNNT71ZA
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
96
usync
ssp.api.tappx.com/cs/ Frame 8CBE
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1934&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D253%26type%3Diframe%26id%3D%7BPUB_USER_ID%7D%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=d28fcfe5-3705-4821-8ffc-49f439ce1b44&auxuid=
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=d28fcfe5-3705-4821-8ffc-49f439ce1b44&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=d28fcfe5-3705-4821-8ffc-49f439ce1b44&auxuid=
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:24 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usync
ssp.api.tappx.com/cs/ Frame 8CBE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43929&callback_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D724%26type%3Diframe%26id%3D%24%7BUSER_ID%7D%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=b0231eb4-a9f2-53f7-952d-4f68f1d87159&auxuid=
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=b0231eb4-a9f2-53f7-952d-4f68f1d87159&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=b0231eb4-a9f2-53f7-952d-4f68f1d87159&auxuid=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
usync
ssp.api.tappx.com/cs/ Frame 8CBE
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6192414557248&gdpr=&consent=&us_privacy={{US_PRIVACY}}
  • https://ssp.api.tappx.com/cs/usync?consent=&gdpr=&id=OPU7a960d576c444aa68d904f18f36ecd5a&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?consent=&gdpr=&id=OPU7a960d576c444aa68d904f18f36ecd5a&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ssp.api.tappx.com/cs/usync?consent=&gdpr=&id=OPU7a960d576c444aa68d904f18f36ecd5a&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
171
expires
Mon, 01 Jan 1990 00:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame 8CBE 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=tappx&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=c2d1ed5a-b593-47b8-b198-d7ba5702d8fef1a
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
sync
visitor-usa02.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26vis...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4011881537103642354&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4011881537103642354&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
54735258-3829-4b96-adf9-f0dbcfd89d43
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=4011881537103642354&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2f...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4011881537103642354&gdpr=0&gdpr_consent=&gdpr=0&gdpr_c...
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4011881537103642354&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
9a382a68-87f0-4c19-a18a-fb9c186e2be8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=4011881537103642354&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=qa45XtQKCxwmfyBqSHIl&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
49 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=qa45XtQKCxwmfyBqSHIl&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
11
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=qa45XtQKCxwmfyBqSHIl&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT, Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ayl_pixel
api-2-0.spot.im/pixels/ Frame DD15 		0
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=91b287752595b0928c3fe9c48677b9d0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-6.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 b5fe18267507cb61755963d8928a60f4.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
AMWK2g9a-g228Ke_NLnFL9unoczkEPPOlihzFT_WNREU7hDxAVn8Ew==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadyo...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=2c13604cc4584d1995e49827a64c2897&ssp=adyoulike&bsw_param=e8def573-4079-4fed-a230-54596150311f&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=e8def573-4079-4fed-a230-54596150311f&name=BIDSWITCH&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=e8def573-4079-4fed-a230-54596150311f&name=BIDSWITCH&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=e8def573-4079-4fed-a230-54596150311f&name=BIDSWITCH&gdpr=0&gdpr_consent=
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=7928e066-76a9-463e-af89-7ce88bea635d&name=THE_TRADE_DESK
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=7928e066-76a9-463e-af89-7ce88bea635d&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=7928e066-76a9-463e-af89-7ce88bea635d&name=THE_TRADE_DESK
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
319
sync
visitor.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAEzzU7J6nwAACbk4ScR2w&name=BEESWAX
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAEzzU7J6nwAACbk4ScR2w&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
8
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAEzzU7J6nwAACbk4ScR2w&name=BEESWAX
Date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=294eef79fe6e6c3b9a340b25c294c68b&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=294eef79fe6e6c3b9a340b25c294c68b&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=294eef79fe6e6c3b9a340b25c294c68b&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
cf-ray
8012bc6a9ce06dd4-MIA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
sync
visitor-usa02.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
216
content-type
text/html; charset=utf-8
/
csync.loopme.me/ Frame DD15 		0
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visit...
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGM5SHA4R5GATGOZDQOJPWG...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr=0&gdpr_consent=&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=pJzQ7WI8Qm9vWQAlMsLp
49 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr=0&gdpr_consent=&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=pJzQ7WI8Qm9vWQAlMsLp
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr=0&gdpr_consent=&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=pJzQ7WI8Qm9vWQAlMsLp
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
221
Expires
Thu, 01 Dec 1994 16:00:00 GMT
adyoulike
sync.adotmob.com/cookie/ Frame DD15 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Mon, 04 Sep 2023 02:17:24 GMT
Connection
keep-alive
Content-Length
219
Content-Type
text/html; charset=utf-8
sync
visitor-usa02.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=2c13604cc4584d1995e49827a64c2897&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=2c13604cc4584d1995e49827a64c2897&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=2c13604cc4584d1995e49827a64c2897&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_US...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=3411b08f-c53d-4f81-a57c-759cc8a2dbdb&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=3411b08f-c53d-4f81-a57c-759cc8a2dbdb&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
server
nginx/1.12.2
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=3411b08f-c53d-4f81-a57c-759cc8a2dbdb&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
pixel
ap.lijit.com/ Frame DD15 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Sep 2023 02:17:25 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
visitor.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=b0231eb4-a9f2-53f7-952d-4f68f1d87159&name=BETWEENX&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=b0231eb4-a9f2-53f7-952d-4f68f1d87159&name=BETWEENX&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=b0231eb4-a9f2-53f7-952d-4f68f1d87159&name=BETWEENX&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame DD15
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=6bd378a7-55b8-474b-b8db-de7ae9eca2ad&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=6bd378a7-55b8-474b-b8db-de7ae9eca2ad&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

x-servername
Track001-iad
pragma
no-cache
date
Mon, 04 Sep 2023 02:16:47 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=6bd378a7-55b8-474b-b8db-de7ae9eca2ad&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
315
expires
-1
711333.gif
id.rlcdn.com/ Frame DD15 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
tp_out
d.adroll.com/cm/index/ Frame 745F 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:330d:d91c:ff43:9dc5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 745F
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377150691978257
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377150691978257
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377150691978257
Date
Mon, 04 Sep 2023 02:17:24 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
csync.loopme.me/ Frame 745F 		0
0
crum
dsum.casalemedia.com/ Frame 745F
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=2710a000-cfcc-4fa3-9ebf-7e20a62c118d
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=2710a000-cfcc-4fa3-9ebf-7e20a62c118d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Mon, 04 Sep 2023 02:16:47 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=2710a000-cfcc-4fa3-9ebf-7e20a62c118d
cache-control
private,no-cache
content-length
222
expires
-1
crum
dsum.casalemedia.com/ Frame 745F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4011881537103642354
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4011881537103642354
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
an-x-request-uuid
b2ef2c45-59c4-45fe-863f-4c74a6538a88
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 745F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0CJ0722911Q2B0TR4ENT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 745F
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
date
Mon, 04 Sep 2023 02:17:24 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
user-registering
ads.stickyadstv.com/ Frame 745F 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.98.139.150 Chicago, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693793844958058-482
sync
usr.undertone.com/userPixel/ Frame 745F 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-50.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
0_izel6X2TPXBpzy7YgOhIwuUIVG3DGcSTQ7iFnSctdqIn0_xTwTJA==
crum
dsum-sec.casalemedia.com/ Frame 54FE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEzzU7J6nwAACbk4ScR2w&expiration=1695003444&us_privacy=1---
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEzzU7J6nwAACbk4ScR2w&expiration=1695003444&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEzzU7J6nwAACbk4ScR2w&expiration=1695003444&us_privacy=1---
Date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 54FE
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709518644&external_user_id=13b8a4b4-b9b3-4619-9b4b-4e8a29adbfd0
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709518644&external_user_id=13b8a4b4-b9b3-4619-9b4b-4e8a29adbfd0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709518644&external_user_id=13b8a4b4-b9b3-4619-9b4b-4e8a29adbfd0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 54FE
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&us_privacy=1---
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=30046c42-4ac9-11ee-ba0a-6250e198ad71
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=30046c42-4ac9-11ee-ba0a-6250e198ad71
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=30046c42-4ac9-11ee-ba0a-6250e198ad71
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-3
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum.casalemedia.com/ Frame 54FE
Redirect Chain
  • https://match.deepintent.com/usersync/113?us_privacy=1---
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4180617bbf17460393dff
date
Mon, 04 Sep 2023 02:17:23 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
dcm
s.amazon-adsystem.com/ Frame 54FE 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4K9AGHRDECZ6M4AXVMSS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 54FE 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:330d:d91c:ff43:9dc5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
CookieIndex
rtb.adentifi.com/ Frame 54FE 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.131.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-131-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
crum
dsum-sec.casalemedia.com/ Frame 54FE
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2810316564796538587
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2810316564796538587
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2810316564796538587
Date
Mon, 04 Sep 2023 02:17:24 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 54FE 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPU.MAL8NXL8cEAE-8TFkQAA%26938=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
16565
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012bc6a7f453708-MIA
content-length
43
expires
Tue, 05 Sep 2023 02:17:24 GMT
pixel
cm.g.doubleclick.net/ Frame 9723 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81YWNjM2FhYS0xNzA5LTQ4YmMtOTk2ZC03OTkzMzkyYzJkNDk=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6F75 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102119
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame FC8D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=7928e066-76a9-463e-af89-7ce88bea635d
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=7928e066-76a9-463e-af89-7ce88bea635d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:24 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=7928e066-76a9-463e-af89-7ce88bea635d
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usync.js
eus.rubiconproject.com/ Frame 3EEF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:24 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58751
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
usync
ssp.api.tappx.com/cs/ Frame 246A
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D50%26type%3Diframe%26id%3D%24UID%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=50&type=iframe&id=3547929380008100760&auxuid=
0
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=50&type=iframe&id=3547929380008100760&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:25 GMT
server
nginx
transfer-encoding
chunked

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 04 Sep 2023 02:17:36 GMT
location
https://ssp.api.tappx.com/cs/usync?idmn=50&type=iframe&id=3547929380008100760&auxuid=
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 76AE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102119
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 81E7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=tappx&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
server
AkamaiGHost
usync
ssp.api.tappx.com/cs/ Frame 5B93
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D13%26type%3Diframe%26id%3D%24UID%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HQzJeBZHuGCrpGR8Q52pzqdh&auxuid=
0
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HQzJeBZHuGCrpGR8Q52pzqdh&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:25 GMT
server
nginx
transfer-encoding
chunked

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 04 Sep 2023 02:17:24 GMT
Location
https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HQzJeBZHuGCrpGR8Q52pzqdh&auxuid=
X-Sovrn-Pod
ad_ap6ewr1
/
de.tynt.com/deb/ Frame 0F3F
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
403c3e8e5b63d1cbf22fae35b73034d596e00ba44ef04183dd11848bf400905c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1627
content-type
text/html
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8340000A
user-sync
sync.adkernel.com/ Frame 0E69 		761 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
97e016f14311d762c780843c6e958ce954ddd0255dc5ae23cf301c6324efd04b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
761
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Sep 2023 02:17:24 GMT
Pragma
no-cache
Server
nginx
sync.html
s.spotim.market/ Frame 7977 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:946::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3a64691c38bad77baf9e509002e69ee162c4e7d8dde700400578967cc9231982

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1063
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:24 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame A498 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame C3C2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 9EBA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame E827
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame 2F08 		966 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.170 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
f4d13b7d23b27132ab1bd5d9ac27992b12fa8a87da85b897f2fbbce5c2a1e55e

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
966
content-type
text/html
date
Mon, 04 Sep 2023 02:17:24 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 9F2E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFenpVN0o2bndBQUNiazRTY1Iydw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEzzU7J6nwAACbk4ScR2w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1869577055167662355&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AAEzzU7J6nwAACbk4ScR2w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1869577055167662355%26gdpr%3D0%26gdpr_cons...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1869577055167662355&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://bh.contextweb.com/bh/rtset?ev=AAEzzU7J6nwAACbk4ScR2w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1869577055167662355%26gdpr%3D0%26bee_sync_pa...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1869577055167662355&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAEzzU7J6nwAACbk4ScR2...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEzzU7J6nwAACbk4ScR2w&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3547929380008100760
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Mon, 04 Sep 2023 02:17:25 GMT
server
istio-envoy
x-envoy-upstream-service-time
2

Redirect headers

content-length
115
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:25 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame E5CA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4011881537103642354&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame C6C4
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=30046c42-4ac9-11ee-ba0a-6250e198ad71
42 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=30046c42-4ac9-11ee-ba0a-6250e198ad71
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Mon, 04 Sep 2023 02:17:25 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=30046c42-4ac9-11ee-ba0a-6250e198ad71
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-3
ImgSync
image8.pubmatic.com/AdServer/ Frame FDCB
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_4180617bbf17460393dff
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame E973
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eG5vbn0_OmtjaT9iKGIkOnxia2JjPGw6fz5nywKv
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Mon, 04 Sep 2023 02:17:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 03 Sep 2023 21:07:42 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 797C 		85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760091-MIA
x-timer
S1693793845.871905,VS0,VE25
ImgSync
image8.pubmatic.com/AdServer/ Frame 86FA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 04 Sep 2023 02:17:24 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync
usersync.gumgum.com/ Frame F566 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:24 GMT
Expires
0
Pragma
no-cache
insync
thrtle.com/ Frame A4F4
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&vxii_pid=12&vxii_pid1=10067&vxii_rcid=15c55c92-fb26-49ab-9c1d-66f09685044d
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&vxii_pid=12&vxii_pid1=10067&vxii_rcid=15c55c92-fb26-49ab-9c1d-66f09685044d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.233.10.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-10-41.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 04 Sep 2023 02:17:25 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&vxii_pid=12&vxii_pid1=10067&vxii_rcid=15c55c92-fb26-49ab-9c1d-66f09685044d
date
Mon, 04 Sep 2023 02:17:24 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame A4F4 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame A4F4 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.119.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-119-35.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame A4F4 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.99.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-99-201.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:17:24 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A4F4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=e8def573-4079-4fed-a230-54596150311f
  • https://a.usbrowserspeed.com/cs?puid=42243296-7b04-5b95-89b6-466ebf42f3c3&pid=lc&r=https%3a%2f%2fmatch%2eprod%2ebidr%2eio%2fcookie%2dsync%2ffivebyfive%3fr%3dhttps%253a%252f%252fa%252eclickcertain%2...
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic
  • https://a.usbrowserspeed.com/cs?puid=AAEzzU7J6nwAACbk4ScR2w&pid=beeswax&r=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26bidswitch_ssp_id%3Dpubmatic
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=5ba5167a-a1f7-4992-a28e-f709ca5f9046&expires=5&user_group=0&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame A4F4 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.131.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-131-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
sn.ashx
pmp.mxptint.net/ Frame A4F4
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10874B36B_F6275555&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-376798571; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:24 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-376798571; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 3D27 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:8::17cd:680d Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync.smartadserver.com/rtb/csync/ Frame 3D27 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:59::17d5:9e14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:57 GMT
Server
AkamaiNetStorage
ETag
"0dec18a9648b57994b6d38816a4f0f72:1688378499.997788"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/rtb/csync/ Frame 3D27 		157 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:59::17d5:9e14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
86ec23821217734d74230a6907152bdaf190cfe1f1c6b3490c6ad76d902727a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:57 GMT
Server
AkamaiNetStorage
ETag
"e10b5582af97aec7baf13d0edfb2a28d:1688378500.342453"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4237
bridge3.587.0_en.html
imasdk.googleapis.com/js/core/ Frame F13A 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
65240
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236429
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 08:10:04 GMT
expires
Mon, 02 Sep 2024 08:10:04 GMT
last-modified
Wed, 30 Aug 2023 15:21:00 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame ABCD 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Sep 2023 02:17:25 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E178 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:59:35 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 2F08 		49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=1869577055167662355&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 2F08
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3547929380008100760&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3547929380008100760&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.173 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3547929380008100760&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 2F08
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.173 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=5006350c-a261-44d7-84dd-dbea8f08b6e4&gdpr=0
date
Mon, 04 Sep 2023 02:17:25 GMT
content-length
0
/
csync.loopme.me/ Frame 2F08 		0
0
e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ Frame 2F08 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame C3C2 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58750
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
usync.js
eus.rubiconproject.com/ Frame 81E7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58750
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
usync.js
eus.rubiconproject.com/ Frame E827 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58750
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
user-sync
sync.adkernel.com/ Frame 0E69
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D631495%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=4011881537103642354
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=4011881537103642354
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
an-x-request-uuid
d394d207-9c3c-41ff-bd08-37d79c385c3e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 9EBA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58750
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
usync.html
eus.rubiconproject.com/ Frame 48C1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BF3F
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693793844913.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102118
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:25 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP009
x-33x-status
40000000008200000A
usync
ssp.api.tappx.com/cs/ Frame 0F3F
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1693793844913.&ri=0010b00001siQHqAAM&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D...
  • https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212259677762089&auxuid=
0
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212259677762089&auxuid=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
referrer-policy
unsafe-url
server
33XP019
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212259677762089&auxuid=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 0F3F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=e8def573-4079-4fed-a230-54596150311f&google_hm=ZThkZWY1NzMtNDA3OS00ZmVkLWEyMzAtNTQ1OTYxNTAz...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEtw_A56VWyshdgAPDjm35M&google_cver=1&ssp=the33across&bsw_param=e8def573-4079-4fed-a230-54596150311f
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=e8def573-4079-4fed-a230-54596150311f
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e8def573-4079-4fed-a230-54596150311f&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e8def573-4079-4fed-a230-54596150311f&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e8def573-4079-4fed-a230-54596150311f&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 0F3F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP%7EA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP%7EA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP%7EA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 0F3F
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=4aed342139a106f4&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAACqLm9CWEhrQNxpcDFAAAAAAA&expiration=1693880245&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACqLm9CWEhrQNxpcDFAAAAAAA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACqLm9CWEhrQNxpcDFAAAAAAA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACqLm9CWEhrQNxpcDFAAAAAAA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 0F3F
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=3934349205523529802736
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3934349205523529802736&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3934349205523529802736&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3934349205523529802736&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame 0573
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:17:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 4118
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=7928e066-76a9-463e-af89-7ce88bea635d&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=e8def573-4079-4fed-a230-54596150311f
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e8def573-4079-4fed-a230-54596150311f&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e8def573-4079-4fed-a230-54596150311f&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=e8def573-4079-4fed-a230-54596150311f&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 4118
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP%7EA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP%7EA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-oOBjYdZE2uEwY1BGEt4zD_FJ5refzOdP%7EA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 4118
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=37f863d519c90706&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAACqLm9CWEhtQNe8wDAAAAAAAA&expiration=1693880245&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACqLm9CWEhtQNe8wDAAAAAAAA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACqLm9CWEhtQNe8wDAAAAAAAA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAACqLm9CWEhtQNe8wDAAAAAAAA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 4118
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=3934349205523529802736
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3934349205523529802736&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3934349205523529802736&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3934349205523529802736&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F596
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693793844913.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102118
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:25 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:17:24 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP012
x-33x-status
40000000008200000A
33across
s.seedtag.com/cs/cookiesync/ Frame 4118
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1693793844913.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERI...
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=212259677762089
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/33across?channeluid=212259677762089
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s.seedtag.com/cs/cookiesync/33across?channeluid=212259677762089
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
prbds2s
rtb.gumgum.com/usync/ Frame 2E9C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.203.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-203-164.compute-1.amazonaws.com
Software
nginx /
Resource Hash
538ee627800738d499a82851793a576403661b6959b865cacfe2be2c7d1f7ceb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 04 Sep 2023 02:17:25 GMT
etag
W/"0609e0eddb06bc286220a0263500b15c3"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 44F3 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
152media
sync.quantumdex.io/usersync/ Frame 6755 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/152media
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
019aae4c5f57fe5e607f6627d3405fa299599b24a2bdfad2bfe383eb3a547b58

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012bc6cef6fda83-MIA
content-encoding
gzip
content-type
text/html
date
Mon, 04 Sep 2023 02:17:25 GMT
server
cloudflare
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 3EEF
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&us_privacy=1---&khaos=LM494BTJ-1P-8OPA
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LM494BTJ-1P-8OPA&us_privacy=1---
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LM494BTJ-1P-8OPA&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LM494BTJ-1P-8OPA&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
693f17ec94b6fd0c82d03268b1ba23d6
Expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCDB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102118
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:25 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame E481
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent=
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=3934349205523529802736
43 B
455 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=644680&extuid=3934349205523529802736
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:24 GMT
Etag
257707a9de85b7d4
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:17:25 GMT
location
https://sync.spotim.market/csync?t=a&ep=644680&extuid=3934349205523529802736
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame DC2B 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame 7977
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=c5340d26-f955-037b-24c2-a96fc1e0ed0d
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=c5340d26-f955-037b-24c2-a96fc1e0ed0d
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:24 GMT
Server
Adtelligent
Etag
257707a9de85b7d4
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=c5340d26-f955-037b-24c2-a96fc1e0ed0d
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
cs
cs-server-s2s.yellowblue.io/ Frame 7977
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&rndcb=6763225531
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3547929380008100760&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/e8def573-4079-4fed-a230-54596150311f?gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef...
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://s.spotim.market/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX3559f5de46114ec6ac6ccf2f5ef1bc6c005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
sync
visitor.omnitagjs.com/visitor/ Frame 7977
Redirect Chain
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636...
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=257707a9de85b7d4&name=OPENWEB
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=257707a9de85b7d4&name=OPENWEB
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=257707a9de85b7d4&name=OPENWEB
Date
Mon, 04 Sep 2023 02:17:24 GMT
Server
Adtelligent
Etag
257707a9de85b7d4
Content-Length
0
idl.js
assets.a-mo.net/js/ Frame 3275 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.shefinds.com&e=27&uid=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2239a36b676f56ac4569b253bebe7fd244c22f91c76cee060640386cb16020d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 f2a1384c219ffd4f6867ab3f186e613a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
228
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 27 Jun 2023 16:12:52 GMT
server
cloudflare
etag
W/"a61ed4db59070cd66af981cbd85859ca"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
8012bc6cc8b63376-MIA
x-amz-cf-id
GyGz7my7geVkIAVTiHPVN8X9WDwU2IqwirszPL9R2NRu2YNeZbOU1g==
expires
Mon, 04 Sep 2023 03:17:25 GMT
setuid
prebid.a-mo.net/ Frame 3275
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-3kDPGTXcsSsOt9IIysDWu4dmNYrRL7yPBhS09A&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e8def573-4079-4fed-a230-54596150311f&gdpr=0&gdpr_consent=&us_privacy=
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=e8def573-4079-4fed-a230-54596150311f&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=e8def573-4079-4fed-a230-54596150311f&gdpr=0&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame 3275
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A&gdpr=0
date
Mon, 04 Sep 2023 02:17:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 3275
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LM494BTJ-1P-8OPA&gdpr=0&us_privacy=1---
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LM494BTJ-1P-8OPA&gdpr=0&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LM494BTJ-1P-8OPA&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
setuid
prebid.a-mo.net/ Frame 3275
Redirect Chain
  • https://id.a-mx.com/u?&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%26bidder%3Damx_com%26uid%3D
  • https://prebid.a-mo.net/setuid?A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=amx_com&uid=
0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=amx_com&uid=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:24 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

date
Mon, 04 Sep 2023 02:17:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSRvS8ZpfxICXS1Kju%2Bnpu37hkM875S8zNSiL5O8FGviXXkUTZNnQBaE2bKV%2Bpfj5tfV6KfN%2BL8aLtZrPUb%2BTXLmNqIiZgqvQwN%2FNXPXtJVCAp0GYg3Ktdq0N%2B4Aq8npDtj8IVVDyuZNOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
location
https://prebid.a-mo.net/setuid?A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=amx_com&uid=
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8012bc6d3eb3dac5-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
setuid
prebid.a-mo.net/ Frame 3275
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De04b39a0-b6a4-433d-b5c7-aeb7ac81aed7%26bid...
  • https://prebid.a-mo.net/setuid?A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=smartadserver&uid=1869577055167662355
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=smartadserver&uid=1869577055167662355
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&bidder=smartadserver&uid=1869577055167662355
date
Mon, 04 Sep 2023 02:17:24 GMT
content-length
0
setuid
ib.adnxs.com/prebid/ Frame 3275 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&do=www.shefinds.com
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
an-x-request-uuid
ccf7cc68-5676-4fb1-ba8d-26ff4913999e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 3275 		86 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&do=www.shefinds.com
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
content-length
86
content-type
image/png
setuid
prebid-server.rubiconproject.com/ Frame 3275 		86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7&do=www.shefinds.com
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=c1729f21-84ed-3d2f-45d9-458ec7b0763f&tv=%7Bc:nawQ5J,pingTime:1,time:1852,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:698%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1852,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:698,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1277~100%5D,as:%5B1277~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:311,fm:tOQOlQr+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C18113%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1c*.930203%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:699,sis:810%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dd1:ab44:ba2a:c71f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=c1729f21-84ed-3d2f-45d9-458ec7b0763f&tv=%7Bc:nawQ5K,pingTime:1,time:1853,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:698%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1853,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:698,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1278~100%5D,as:%5B1278~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:311,fm:tOQOlQr+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C18113%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1c*.930203%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:699,sis:810,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dd1:ab44:ba2a:c71f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=c1729f21-84ed-3d2f-45d9-458ec7b0763f&tv=%7Bc:nawQ5K,pingTime:1,time:1853,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:698%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1853,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:698,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1278~100%5D,as:%5B1278~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:311,fm:tOQOlQr+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C18113%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1c*.930203%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:699,sis:810,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dd1:ab44:ba2a:c71f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usersync
usersync.gumgum.com/ Frame 2E9C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Date
Mon, 04 Sep 2023 02:17:25 GMT
Connection
keep-alive
X-CI-RTID
3f6f18eb-f23b-43a3-8eb9-d6a95919a9a1
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 2E9C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_5acc3aaa-1709-48bc-996d-7993392c2d49&gdpr=&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2940fdbe-e48c-4339-a0ac-04f2fd9d5fc9&user_group=1&ssp=gumgum2&bsw_param=e8def573-4079-4fed-a230-54596150311f
  • https://usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 2E9C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=0bd72699-68df-08c4-2835-799788eb2ec6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 2E9C
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_4180617bbf17460393dff
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_4180617bbf17460393dff
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_4180617bbf17460393dff
date
Mon, 04 Sep 2023 02:17:24 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 2E9C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=zgn5cAUresle&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=zgn5cAUresle&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=zgn5cAUresle&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-5zghb
expires
-1
usersync
usersync.gumgum.com/ Frame 2E9C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1869577055167662355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1869577055167662355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1869577055167662355
date
Mon, 04 Sep 2023 02:17:25 GMT
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame 2E9C 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=gumgum&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=u_5acc3aaa-1709-48bc-996d-7993392c2d49
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 4FCA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1Qec78LCO57ErdEUJenpTYsqpdm9iGBZrUOVhhWBs59RVuKp0azdQTpz8u_RtYImGpHeVbYZcXlzX18L7JtkHomzWCVUBjAmg8ut-lUIGyAZy_u-2iu67PZxZc2jV&sig=Cg0ArKJSzCeSKBvrAOWWEAE&id=lidar2&mcvt=1086&p=1101,436,1191,1164&mtos=1086,1086,1086,1086,1086&tos=1086,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2658108955&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693793841998&rpt=2223&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 48C1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58750
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
usync.js
eus.rubiconproject.com/ Frame 0573 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58750
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
usersync
usersync.gumgum.com/ Frame 80A2
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPU.McCo5uYAAFGFxvUAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZPU.McCo5uYAAFGFxvUAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:25 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Sep 2023 02:17:25 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZPU.McCo5uYAAFGFxvUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
26
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40105.dc2p.scaleout.jp
X-SO-IP
38.132.118.76
X-SO-Key
ZPU.McCo5uYAAFGFxvUAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.76","key":"ZPU.McCo5uYAAFGFxvUAAAAA","privacy_sensitive":false,"uid":"ZPU.McCo5uYAAFGFxvUAAAAA","upstream_id":"a-ad40105"}
X-SO-LB-Hostname
a-tgng40008.dc2p.scaleout.jp
X-SO-UID
ZPU.McCo5uYAAFGFxvUAAAAA
X-SO-Upstream-ID
a-ad40105
gumgum
cs.admanmedia.com/sync/ Frame B9BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=u_5acc3aaa-1709-48bc-996d-7993392c2d49&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usersync
usersync.gumgum.com/ Frame A4E0
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=qa45XtQKCxwmfyBqSHIl&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=qa45XtQKCxwmfyBqSHIl&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:25 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 04 Sep 2023 02:17:25 GMT Mon, 04 Sep 2023 02:17:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=qa45XtQKCxwmfyBqSHIl&pi=gumgum
pragma
no-cache
usersync
usersync.gumgum.com/ Frame 8958
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:25 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 04 Sep 2023 02:17:25 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZPU_MQAAAyPauwA4&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mia-kmia1760091-MIA
x-timer
S1693793845.376756,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 50B4 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV81YWNjM2FhYS0xNzA5LTQ4YmMtOTk2ZC03OTkzMzkyYzJkNDk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:17:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3AFD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102118
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:25 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 6755
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc6e3a72da83-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-store
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame 6755
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=818970230e
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=818970230e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc6e3a86da83-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 04 Sep 2023 02:17:10 GMT
via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
age
15
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=818970230e
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Ft2oi1Gs4vc85WFkf1P9FxXVzRtIkRWEU4HsRYM1KlZ8jfDwQ_0WkA==
setuid
sync.quantumdex.io/ Frame 6755
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5006350c-a261-44d7-84dd-dbea8f08b6e4
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5006350c-a261-44d7-84dd-dbea8f08b6e4
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc6e6af5da83-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5006350c-a261-44d7-84dd-dbea8f08b6e4
date
Mon, 04 Sep 2023 02:17:25 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 6755
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b0231eb4-a9f2-53f7-952d-4f68f1d87159
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=b0231eb4-a9f2-53f7-952d-4f68f1d87159
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc6e6af9da83-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=b0231eb4-a9f2-53f7-952d-4f68f1d87159
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 6755
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzJeBZHuGCrpGR8Q52pzqdh
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzJeBZHuGCrpGR8Q52pzqdh
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc6f3ca5da83-MIA
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzJeBZHuGCrpGR8Q52pzqdh
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 6755
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc70bf4fda83-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
date
Mon, 04 Sep 2023 02:17:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 6755
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4011881537103642354
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4011881537103642354
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc6eab95da83-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
an-x-request-uuid
928320e4-09ea-401f-b316-3c8c525b9ca1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 6755 		43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307682&extuid=0341107e-b5e8-498e-8e49-12e4a466cfbf
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:24 GMT
Server
Adtelligent
Etag
48bf29b70ce2d3f4
Content-Length
43
Content-Type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame C3C2
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LM494BTJ-1P-8OPA
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LM494BTJ-1P-8OPA&name=RUBICON&gdpr=0&us_privacy=1---
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LM494BTJ-1P-8OPA&name=RUBICON&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LM494BTJ-1P-8OPA&name=RUBICON&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
693f17ec94b6fd0c82d03268b1ba23d6
Expires
0
usync
ssp.api.tappx.com/cs/ Frame 81E7
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=tappx&us_privacy=1---&khaos=LM494BTJ-1P-8OPA
  • https://ssp.api.tappx.com/cs/usync?idmn=52&id=LM494BTJ-1P-8OPA&us_privacy=1---
0
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=52&id=LM494BTJ-1P-8OPA&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssp.api.tappx.com/cs/usync?idmn=52&id=LM494BTJ-1P-8OPA&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
Expires
0
ads
pubads.g.doubleclick.net/gampad/ Frame F13A 		156 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&sz=5x5%7C640x480&iu=%2F8352%2C1017293%2Fa.shefinds%2Ffashion&url=https%3A%2F%2Fwww.shefinds.com%2F&description_url=https%3A%2F%2Fwww.shefinds.com%2F&correlator=3240526859637527&cust_params=pvuuid%3Df7b45e1c-6f9f-4680-aa2b-17488febc95b%26addir%3Dbh%252F41%252F412%252F412983%252F2498530%26site%3Dshefinds%26domain%3Dshefinds.com%26urlhash%3D177546%26ci%3Dfront%26plat%3Ddesk%26pt%3D-%26schainv10%3D1.0%252C1!pmc.com%252C1179161%252C1%252C%252C%252C%26browser%3DChrome%26pageview%3D1%26admants%3DS_11586%252CS_12972%252CS_12973%252CS_4282%252CS_4283%252CS_4289%252CS_4305%252CS_4307%252CS_4700%252CS_6554%252CS_6555%252CS_6651%252CS_6655%252CS_7003%252CS_7075%252CS_8275%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005184_PG%252CIAS_3005161_PG%252CIAS_3005111_PG%252CIAS_3008366_PG%252CIAS_3007987_PG%252CIAS_3005069_PG%252CIAS_3006637_PG%252CIAS_3005151_PG%252CIAS_3005175_PG%252CIAS_3008596_PG%252CIAS_3005146_PG%252CIAS_1508023_PG%26fr%3Dtrue%26permutive%3D21967%252C32638%252C32745%252C33093%252C33097%252C33495%252C33515%252C34895%252C35238%252C38317%252C38334%252C60188%252C60189%252C61650%252C61680%252C61710%252C64902%252C72125%252C73308%252C73711%252C87946%252C88067%252C95993%252C99938%252C101194%252C105086%252C106672%252C107679%252C116913%252C116916%252C124918%252C128770%252C128795%252C132398%252C137974%252C144198%252C149161%26videocodecgroup%3Dall%26player_type%3DfloatDesktop%26autoplay%3Dtrue%26closable_player%3Dy%26inview%3Dtrue%26player_height%3D900%26player_width%3D1600%26st%3Dvideo%26loc%3Doutstr%26inst%3D-%26us_privacy%3D1---%26consent_required%3D0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2343642265&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=D3AD0CB5-D020-4B02-9003-60F2DBF06105&a3p=EhkKCnVpZGFwaS5jb20YyN7r76UxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMje6--lMUgAUgIIZA..&nel=0&eid=44770822%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&ref=https%3A%2F%2Fwww.shefinds.com%2F&top=https%3A%2F%2Fwww.shefinds.com%2F&loc=https%3A%2F%2Fwww.shefinds.com%2F&dt=1693793845418&cookie=ID%3Da46a29fc17244e46%3AT%3D1693793841%3ART%3D1693793841%3AS%3DALNI_Mab8Hp8IQh6jPtgdAECxbwfEU24DQ&gpic=UID%3D00000d8fc381fc6f%3AT%3D1693793841%3ART%3D1693793841%3AS%3DALNI_MYpcLClJbX_Alv0IrXxc11Zh3Hnyg&scor=2070140587433378&ged=ve4_td1_tt0_pd1_la1000_er901.20.1051.320_vi0.0.1200.1600_vp100_eb24299
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7430 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e81c9ada7ba39df6c7a207b6ec9fb73bdfcda1f76742a841929411e3a9e967b4

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1920
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:25 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
setuid
sync.quantumdex.io/ Frame FCD2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012bc6e6ae7da83-MIA
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:17:25 GMT
server
cloudflare

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:25 GMT
ETag
OPTOUT
Expires
0
Location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Pragma
no-cache
Transfer-Encoding
chunked
sync
eb2.3lift.com/ Frame 73BC 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
82a0f42a40f4bcd71f5dc49c6cdb53a34a0d3a9b02c010e316a564fbe3f8cf75

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1074
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1BB3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102118
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:25 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-server-s2s.yellowblue.io/ Frame D22D 		1000 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
4a26d2993e207085e1665f8c40a8081fdc93a7e250fdbdf008dac5e86e567257

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
1000
content-type
text/html
date
Mon, 04 Sep 2023 02:17:25 GMT
server
istio-envoy
x-envoy-upstream-service-time
4
/
onetag-sys.com/usync/ Frame DD54 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame 69D3 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
cd6b7a9eba18dcbe5574a126d7474cd7d2581b9683e7a681722acb5328ecd179

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1936
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:25 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cm
us-u.openx.net/w/1.0/ Frame 5E58 		788 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
39234ab5c96830187377fab2529fffc4b2d9d81c94193f5359dd8b8cea2f92f5

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
497
content-type
text/html
date
Mon, 04 Sep 2023 02:17:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 0613 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/ Frame D4F0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAEzzU7J6nwAACbk4ScR2w
95 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAEzzU7J6nwAACbk4ScR2w
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:13:23 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AAEzzU7J6nwAACbk4ScR2w
Date
Mon, 04 Sep 2023 02:17:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame D4F0
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1869577055167662355
95 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1869577055167662355
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:13:23 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=1869577055167662355
date
Mon, 04 Sep 2023 02:17:25 GMT
content-length
0
/
sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/ Frame D4F0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=7928e066-76a9-463e-af89-7ce88bea635d
95 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=7928e066-76a9-463e-af89-7ce88bea635d
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693793844570&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:13:23 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=7928e066-76a9-463e-af89-7ce88bea635d
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
sync
eb2.3lift.com/ Frame D5C2 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
c8ff3d0e54cc92d06d99f48717483cd782d2a289553cd414a0326e1ba2288a6e

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1248
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ffc68024-a2e7-4a95-bea0-6c8d4ae882e8
https://prebid.a-mo.net/ Frame 3275 		177 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://prebid.a-mo.net/ffc68024-a2e7-4a95-bea0-6c8d4ae882e8
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9527e66c27c555b138b1ee07509481cbb4068f4878b76515fd778f9c27b02e46

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
177
Content-Type
async_usersync
ib.adnxs.com/ Frame 2460 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
an-x-request-uuid
327b0326-fa5e-4d3a-aa7e-0b2ce1796706
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0038 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
an-x-request-uuid
779f1640-9b00-4dc1-a824-e9e5238c4c19
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/ Frame 5E58 		95 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/?uid=1e47cb03-18f4-07e4-1473-e4416dfc4cca
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:13:23 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
709996.gif
id.rlcdn.com/ Frame 5E58 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 5E58
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=50471763-5852-15a4-b867-228965766f42
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0kfrvsng9khw0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0kfrvsng9khw0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0kfrvsng9khw0
cache-control
no-cache
cf-ray
8012bc6eefa28db2-MIA
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 5E58
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=e364b60c-12b0-0cdc-39db-f23ba48921b1&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZPU-NcFaWZMhnQFsPQK1N_1u
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZPU-NcFaWZMhnQFsPQK1N_1u
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:17:25 GMT
server
Aorta/20230817.d884ef624
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZPU-NcFaWZMhnQFsPQK1N_1u
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
5cc5b13a59d9
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 5E58
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=I7wI1elMibypOiXNk6IVOg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5E58
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=ef64a777-f1cd-43a8-a50e-1af8b0183d5c
Date
Mon, 04 Sep 2023 02:17:25 GMT
Connection
keep-alive
X-CI-RTID
88cc62e4-299b-44a1-a25d-b936d2ba7556
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 5E58
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
ib.adnxs.com/prebid/ Frame 73BC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3934349205523529802736
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
an-x-request-uuid
7e025052-2616-47a1-9fa0-13167185d5a7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 73BC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3934349205523529802736
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
an-x-request-uuid
c4d6f7fe-ab67-42a1-888a-dbd744dd104c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 73BC
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&dongle=d54f&gdpr=0&gdpr_consent=
Date
Mon, 04 Sep 2023 02:17:25 GMT
Connection
keep-alive
X-CI-RTID
cffaed1d-556c-4dbb-bb13-012138f01537
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 73BC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7671167391070426394&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7671167391070426394&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=7671167391070426394&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame 73BC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OBFHUUJXK5ETQ...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pJzQ7WI8Qm9vWQAlMsLp
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pJzQ7WI8Qm9vWQAlMsLp
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pJzQ7WI8Qm9vWQAlMsLp
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 73BC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&dongle=4430
Date
Mon, 04 Sep 2023 02:17:25 GMT
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame 73BC 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.40.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-40-211.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame 73BC 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.40.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-40-211.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame 73BC
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 73BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3934349205523529802736
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
/
csync.loopme.me/ Frame D22D 		0
0
cksync.php
contextual.media.net/ Frame D22D 		53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.120.23 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-120-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:17:25 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:17:25 GMT
cs
cs-server-s2s.yellowblue.io/ Frame D22D
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3547929380008100760
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
date
Mon, 04 Sep 2023 02:17:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame D22D
Redirect Chain
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&rndcb=1624172726
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3547929380008100760&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/e8def573-4079-4fed-a230-54596150311f?gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-3559f5de-4611-4ec6-ac6c-cf2f5ef...
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:26 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Date
Mon, 04 Sep 2023 02:17:25 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX3559f5de46114ec6ac6ccf2f5ef1bc6c005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
setuid
sync.quantumdex.io/ Frame D22D 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=rise&uid=kDfme2pzCp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc6e8b42da83-MIA
content-length
43
content-type
image/gif
/
onetag-sys.com/usync/ Frame 7E8A 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
setuid
ib.adnxs.com/prebid/ Frame D5C2 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3934349205523529802736
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
an-x-request-uuid
7ed48dd0-5a9d-47be-83ea-c9aad15bd0bc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame D5C2 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3934349205523529802736
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
an-x-request-uuid
cefec14b-dff8-468c-affd-a8713f372bb5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame D5C2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=ef64a777-f1cd-43a8-a50e-1af8b0183d5c&dongle=d54f&gdpr=0&gdpr_consent=
Date
Mon, 04 Sep 2023 02:17:25 GMT
Connection
keep-alive
X-CI-RTID
bcc4100e-c095-44b5-97aa-364fbcd003fd
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame D5C2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7671167391070426394&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7671167391070426394&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=7671167391070426394&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame D5C2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OBFHUUJXK5ETQ...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pJzQ7WI8Qm9vWQAlMsLp
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pJzQ7WI8Qm9vWQAlMsLp
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pJzQ7WI8Qm9vWQAlMsLp
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame D5C2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-eb067bed-7771-5702-6904-f1a213a26691$ip$38.132.118.76&dongle=4430
Date
Mon, 04 Sep 2023 02:17:25 GMT
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame D5C2 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.40.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-40-211.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame D5C2 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.40.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-40-211.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:25 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame D5C2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:24 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame D5C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3934349205523529802736
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
setuid
prebid-server.rubiconproject.com/ Frame D5C2 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=3934349205523529802736
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
match
events-ssc.33across.com/ Frame 48C1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&us_privacy=1---&khaos=LM494BTJ-1P-8OPA
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LM494BTJ-1P-8OPA
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LM494BTJ-1P-8OPA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LM494BTJ-1P-8OPA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LM494BTJ-1P-8OPA&ts=1693793845&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
rum
dsum.casalemedia.com/ Frame 7430
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=index&bsw_param=e8def573-4079-4fed-a230-54596150311f
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dindex%26bsw_param%3De8def573-4079-4fed-a230-54596150311f
  • https://rtb2-useast.marketiq.com/sync?adkuid=A8961146309600924623&exchange=685&ssp=index&bsw_param=e8def573-4079-4fed-a230-54596150311f
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A8961146309600924623&expires=5&ssp=index&bsw_param=e8def573-4079-4fed-a230-54596150311f
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:17:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 7430
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZPU.MAL8NXL8cEAE-8TFkQAA%26938&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d32fa22b-0d5e-4f29-9a14-567781a29849-tuctbeec3b5
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d32fa22b-0d5e-4f29-9a14-567781a29849-tuctbeec3b5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d32fa22b-0d5e-4f29-9a14-567781a29849-tuctbeec3b5
date
Mon, 04 Sep 2023 02:17:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63755
crum
dsum-sec.casalemedia.com/ Frame 7430
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104813317142
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104813317142
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
572
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104813317142
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8012bc704b404c08-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7430
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD24CKPJITO...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=pJzQ7WI8Qm9vWQAlMsLp
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=pJzQ7WI8Qm9vWQAlMsLp
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=pJzQ7WI8Qm9vWQAlMsLp
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7430
Redirect Chain
  • https://rtb.adentifi.com/CookieIndex
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_3003c761-4ac9-11ee-ba9f-12fa6b58ae11
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_3003c761-4ac9-11ee-ba9f-12fa6b58ae11
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_3003c761-4ac9-11ee-ba9f-12fa6b58ae11
date
Mon, 04 Sep 2023 02:17:25 GMT
content-type
text/plain
usermatchredir
ssum-sec.casalemedia.com/ Frame 7430
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7430 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
35FPWTRXQ83S7RSY1C2S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 7430 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.98.139.150 Chicago, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693793845776002-469
setuid
sync.quantumdex.io/ Frame 7430 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc6f3ca4da83-MIA
content-length
43
content-type
image/gif
31327
i6.liadm.com/s/ Frame 69D3
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938&gpp_sid=&us_privacy=&gpdr=
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938&gpp_sid=&us_privacy=&gpdr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:4bc9:ac6a:bf5b:3f86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:26 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938&gpp_sid=&us_privacy=&gpdr=
Date
Mon, 04 Sep 2023 02:17:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
crum
dsum-sec.casalemedia.com/ Frame 69D3
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1869577055167662355&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1869577055167662355&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1869577055167662355&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:17:25 GMT
content-length
0
ibs:dpid=23728&dpuuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
dpm.demdex.net/ Frame 69D3 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.117.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-117-77.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0357bbe6b.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
QGc/uVYtTac=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 69D3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://stags.bluekai.com/site/23178?id=pJzQ7WI8Qm9vWQAlMsLp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD24CKPJITO...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=pJzQ7WI8Qm9vWQAlMsLp
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=pJzQ7WI8Qm9vWQAlMsLp
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=pJzQ7WI8Qm9vWQAlMsLp
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 69D3 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.98.139.150 Chicago, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693793845757068-636
tp_out
d.adroll.com/cm/index/ Frame 69D3 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:330d:d91c:ff43:9dc5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 69D3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 69D3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
2600:1f18:4e9:5a05:92c5:57a0:36d6:5a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
date
Mon, 04 Sep 2023 02:17:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.richaudience.com/2066127a3f7c6635eb4f6cac536feb5a/ Frame 69D3 		95 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/2066127a3f7c6635eb4f6cac536feb5a/?uid=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fuid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:13:23 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
csi
csi.gstatic.com/ Frame F13A 		0
0
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:17:25 GMT
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:25 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
csi
csi.gstatic.com/ Frame F13A 		0
0
pbs.gif
sync.colossusssp.com/ Frame 4FCA 		0
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account...
  • https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=818970230e
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=818970230e
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:26 GMT
via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=818970230e
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
QTseKOc7hi2o4PB-fOHsX8FpRue2EXjJThewbTIYMXd6AKo4rVjFmA==
/
de.tynt.com/deb/ Frame A322
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26g...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_cons...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
877214c78908383addcd126a4bafd538cc8830b6a391e66ff4133f30ad0485a5

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2238
content-type
text/html
date
Mon, 04 Sep 2023 02:17:26 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:17:25 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8340000A
cm
us-u.openx.net/w/1.0/ Frame 3236
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1693793846656.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privac...
1 KB
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ebc33e3ae327481cd8a693113493a76dd99680fd4746dd985c7568f8dc4ee272

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
613
content-type
text/html
date
Mon, 04 Sep 2023 02:17:26 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:17:26 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP014
x-33x-status
40000000008200000A
setuid
prebid-server.rubiconproject.com/ Frame A322
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1693793846656.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=212259677762089
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=212259677762089
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:26 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=212259677762089
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame A322
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1696385846%26external_user_id%3D7928e066-76a9-463e-af89-7ce88bea635d
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1696385846&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1696385846&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:26 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1696385846&external_user_id=7928e066-76a9-463e-af89-7ce88bea635d
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame A322
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1693793846656.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=1---&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D2%26external_user_id%3D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=2&external_user_id=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=2&external_user_id=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=2&external_user_id=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
match
events-ssc.33across.com/ Frame A322
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D45%26xu%3D%7BuserId%7D
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=45&xu=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&ts=1693793846&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&ts=1693793846&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:26 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&ts=1693793846&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame A322
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=1---
  • https://ssc-cms.33across.com/ps/?xi=120&xu=6wZ77XdxVwJpBPGiE6JmkSaEdkw&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=6wZ77XdxVwJpBPGiE6JmkSaEdkw&ts=1693793846&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=6wZ77XdxVwJpBPGiE6JmkSaEdkw&ts=1693793846&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:26 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=6wZ77XdxVwJpBPGiE6JmkSaEdkw&ts=1693793846&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame A322
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1693793846656.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=90&external_user_id=4011881537103642354
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=90&external_user_id=4011881537103642354
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:26 GMT
an-x-request-uuid
0deb743c-8d21-4cc4-9397-a2122280c769
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=90&external_user_id=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame A4F4 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
events-ssc.33across.com/ Frame 3236 		68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=70&external_user_id=8a818e87-9e41-007d-2379-66aa4aefbddf
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame 3236
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=3SV3kkOj1QCZ9y5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=3SV3kkOj1QCZ9y5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:26 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0a395b4112339a1fc@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=3SV3kkOj1QCZ9y5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 3236
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3547929380008100760
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3547929380008100760
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3547929380008100760
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 3236
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=N9KNTTKD2Egs1d1BZ97GGTPeiUEsgI4ZMIKl80Nv
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=N9KNTTKD2Egs1d1BZ97GGTPeiUEsgI4ZMIKl80Nv
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=N9KNTTKD2Egs1d1BZ97GGTPeiUEsgI4ZMIKl80Nv
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3236
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=4a128e3b-88fd-4575-854f-3b7c5c958939&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=e8def573-4079-4fed-a230-54596150311f&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:17:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 3236
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=968907269421605264
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=968907269421605264
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=968907269421605264
Date
Mon, 04 Sep 2023 02:17:27 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 3236
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=C0079F51A67C45978E5DF77E05DE4DD6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=C0079F51A67C45978E5DF77E05DE4DD6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=C0079F51A67C45978E5DF77E05DE4DD6
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Sep 2023 02:17:27 GMT
52164
i.liadm.com/s/ Frame 3236
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=fc5c5e6d-7710-0ae3-0dc8-957cca2dee6f
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=d3cf66ec-fc8a-455f-b615-5cc76c73542a&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=e8def573-4079-4fed-a230-54596150311f
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=d3cf66ec-fc8a-455f-b615-5cc76c73542a
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=liveintent&bsw_custom_parameter=e8def573-4079-4fed-a230-54596150311f
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=e8def573-4079-4fed-a230-54596150311f&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=liveintent&bsw_param=e8def573-4079-4fed-a230-54596150311f
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e8def573-4079-4fed-a230-54596150311f
43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e8def573-4079-4fed-a230-54596150311f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Server
107.23.73.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-73-10.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:27 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e8def573-4079-4fed-a230-54596150311f
Date
Mon, 04 Sep 2023 02:17:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
g.pixel
aa.agkn.com/adscores/ Frame 3236 		43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=e0686297-0f06-0b03-250c-e5f0c07dbda6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-84.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
via
1.1 ea450411fc852f7d373f7efbe784dd74.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
HlCLlbTw7Z3nWu2elYkde-k9QkFHzXPYGpd7Yr_PMyvCK5nBjzzAGA==
expires
0
/
bpi.rtactivate.com/tag/ Frame 3236 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=50019&user_id=62c5a916-9f42-02ee-29e5-4673b2434a51
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.113.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-113-183.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
37274
stags.bluekai.com/site/ Frame 3236 		62 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=dbfeda4f-75bd-0d13-35b9-f65edbeb4f33
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1---&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.8.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-8-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
8f87
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
onetag-sys.com/usync/ Frame 4059 		2 KB
890 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
7c45763728e602590c8b9af7e53b289720a6813359a6ca7430605cd0e3b4e495
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
807
content-type
text/html
strict-transport-security
max-age=15552000
setuid
prebid-server.rubiconproject.com/ Frame 4059 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SPS2TCRBW2&gtm=45je38u0&_p=258654665&cid=1910143410.1693793839&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1693793839&sct=1&seg=0&dl=https%3A%2F%2Fwww.shefinds.com%2F&dt=Women%E2%80%99s%20Fashion%2C%20Beauty%20%26%20Lifestyle%20%E2%80%93%20SHEfinds&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SPS2TCRBW2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.php
ssp.api.tappx.com/cs/ Frame D5B9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8eaf1ea51b2a9c5044e0a54508da7babb470ae065bea3c756e9805ca695695b3

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:27 GMT
server
nginx
transfer-encoding
chunked
/
csync.loopme.me/ Frame D5B9 		0
0
usync
ssp.api.tappx.com/cs/ Frame D5B9
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=skJudSCZ30&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D108%26type%3Diframe%26id%3D%5BPDID%5D%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=77b813dd-875f-4c75-8e07-1zz1693793603&auxuid=
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=77b813dd-875f-4c75-8e07-1zz1693793603&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=77b813dd-875f-4c75-8e07-1zz1693793603&auxuid=
date
Mon, 04 Sep 2023 02:13:25 GMT
server
nginx
x-powered-by
PHP/8.2.4
content-type
text/html; charset=UTF-8
usync
ssp.api.tappx.com/cs/ Frame D5B9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&rndcb=7291739752
  • https://sync.1rx.io/usersync/rubicon/LM494BTJ-1P-8OPA
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3DRX-3559f5de-4611-4ec6...
  • https://ssp.api.tappx.com/cs/usync?idmn=162&type=iframe&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&auxuid=
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=162&type=iframe&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

Location
https://ssp.api.tappx.com/cs/usync?idmn=162&type=iframe&id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&auxuid=
Date
Mon, 04 Sep 2023 02:17:27 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX3559f5de46114ec6ac6ccf2f5ef1bc6c005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
setuid
prebid-server.rubiconproject.com/ Frame D5B9 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=tappx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=c2d1ed5a-b593-47b8-b198-d7ba5702d8fef1a
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1068 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102116
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:27 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user-sync
sync.adkernel.com/ Frame 0C10 		764 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
0e0ce38f564b89baf2c8279a8bfcc861d3e1ee2558d63867c096072aafd4f6a5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
764
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Sep 2023 02:17:27 GMT
Pragma
no-cache
Server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame 1068 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44665588&p=158111&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4ec5073d967f504b4516485024e032aba6da70ceb6319b556ed854d0d8095dec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 16E4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6wZ77XdxVwJpBPGiE6JmkSaEdkw&gdpr=0&gdpr_consent=
42 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6wZ77XdxVwJpBPGiE6JmkSaEdkw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:17:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Sep 2023 02:17:27 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6wZ77XdxVwJpBPGiE6JmkSaEdkw&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame C7C2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3SV3kkOj1QCZ9y5&gdpr=0&gdpr_consent=
42 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3SV3kkOj1QCZ9y5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:17:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Sep 2023 02:17:26 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:3SV3kkOj1QCZ9y5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0ee70030db19b748d@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 49EE
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
42 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:17:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:26 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 186F
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907269421605264
42 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907269421605264
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Sep 2023 21:07:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 04 Sep 2023 02:17:27 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968907269421605264
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 311D
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=38aa4246-e467-4cc5-9f7c-952976286688&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
42 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.215.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-215-87.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:27 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 04 Sep 2023 02:17:27 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 7CB1
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7a960d576c444aa68d904f18f36ecd5a
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7a960d576c444aa68d904f18f36ecd5a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:17:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7a960d576c444aa68d904f18f36ecd5a
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame D9B4
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=822873238760
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=822873238760
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:17:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=822873238760
i.match
a.tribalfusion.com/ Frame 898B 		43 B
487 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8012bc7b1acd4c08-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:17:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
/
csync.loopme.me/ Frame 011D 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 0DD3
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=s7nypE8-D5-hKIUNNT71ZA
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=s7nypE8-D5-hKIUNNT71ZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Sep 2023 21:01:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:27 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=s7nypE8-D5-hKIUNNT71ZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
usync
ssp.api.tappx.com/cs/ Frame 5CEA 		0
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=76&type=iframe&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276&auxuid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:27 GMT
server
nginx
transfer-encoding
chunked
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 1068 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.222.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-222-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:27 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
0256dd88-3f76-46bc-bc85-e9b49d672d56
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-0d7aa0c878a0d0a24
362588.gif
idsync.rlcdn.com/ Frame 1068
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=7928e066-76a9-463e-af89-7ce88bea635d
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=7928e066-76a9-463e-af89-7ce88bea635d
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://idsync.rlcdn.com/362588.gif?partner_uid=7928e066-76a9-463e-af89-7ce88bea635d
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=546B0175-D6AA-46B9-A0AD-C2A930BF5276/gdpr=0/ Frame 1068 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=546B0175-D6AA-46B9-A0AD-C2A930BF5276/gdpr=0/gdpr_consent=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.22.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-22-13.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.172
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 1068 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
ixmatch.html
js-sec.indexww.com/um/ Frame 7624 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
27
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012bc7b4836336d-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:27 GMT
expires
Mon, 04 Sep 2023 06:17:27 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9A14 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:17:27 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E143 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
70928
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:27 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
993, 188267
X-Served-By
cache-lga13626-LGA, cache-mia-kmia1760057-MIA
X-Timer
S1693793848.663542,VS0,VE0
user-sync
sync.adkernel.com/ Frame 0C10
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D631495%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=4011881537103642354
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=4011881537103642354
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:27 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
an-x-request-uuid
e1055f20-1253-4772-bf43-536371526da9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/usync/ Frame D217 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
152mediaweb
sync.quantumdex.io/usersync/ Frame 4FB5 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/152mediaweb
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
913d38380db416080920f675f8e314314c00480f2eebb7733ba247dff8b89570

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012bc7b7b57da83-MIA
content-encoding
gzip
content-type
text/html
date
Mon, 04 Sep 2023 02:17:27 GMT
server
cloudflare
usermatch
ssum-sec.casalemedia.com/ Frame 8E81 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
5f3a0799e9cd82c9eda11896c8f6908200e0803f110c3ab687183081904d367d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
2013
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:27 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
setuid
sync.quantumdex.io/ Frame 4FB5
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzJeBZHuGCrpGR8Q52pzqdh
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzJeBZHuGCrpGR8Q52pzqdh
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc7d2eeada83-MIA
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 04 Sep 2023 02:17:27 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzJeBZHuGCrpGR8Q52pzqdh
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 4FB5
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=818970230e
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=818970230e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc7c8dceda83-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 04 Sep 2023 02:17:27 GMT
via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=818970230e
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
8DSsFFyXVUHlOqohVi9VLDAEGuRQ1ddTq9uFUY3nBe58gWEsWQ4dVQ==
setuid
sync.quantumdex.io/ Frame 4FB5
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=b0231eb4-a9f2-53f7-952d-4f68f1d87159
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=b0231eb4-a9f2-53f7-952d-4f68f1d87159
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc7c8dc6da83-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=b0231eb4-a9f2-53f7-952d-4f68f1d87159
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 4FB5
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc7e997dda83-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-01ceEplVPO5HtWpEGgg81M15DFaFwdnMIOLwnMU6UA
date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 4FB5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4011881537103642354
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4011881537103642354
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc7c9dd5da83-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
an-x-request-uuid
35049fff-51a5-4783-80f8-b6c02b07b6bc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 4FB5
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5006350c-a261-44d7-84dd-dbea8f08b6e4
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5006350c-a261-44d7-84dd-dbea8f08b6e4
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc7c8dc3da83-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5006350c-a261-44d7-84dd-dbea8f08b6e4
date
Mon, 04 Sep 2023 02:17:27 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 4FB5
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc7c8dcbda83-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-store
content-length
0
expires
0
user-sync
sync.adkernel.com/ Frame 4FB5 		42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=61&t=image&uid=0341107e-b5e8-498e-8e49-12e4a466cfbf
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:27 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42
usermatch
ssum-sec.casalemedia.com/ Frame 9825 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e0fc75c305f7913bfa27f6363972a0beb24f896a201bac6edc96fff936a0dadb

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:27 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 489C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.25.11 Dallas, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-25-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=102116
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:17:27 GMT
expires
Tue, 05 Sep 2023 06:39:23 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 8474
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012bc7c8dbeda83-MIA
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:17:27 GMT
server
cloudflare

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:27 GMT
ETag
OPTOUT
Expires
0
Location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Pragma
no-cache
Transfer-Encoding
chunked
/
onetag-sys.com/usync/ Frame E0FA 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 1B0F 		654 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
31589236a2280c05ce492d743cfbfe02687704f2f8419f1a54f850733f1c1d43

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
654
content-type
text/html
date
Mon, 04 Sep 2023 02:17:27 GMT
server
istio-envoy
x-envoy-upstream-service-time
9
sync
eb2.3lift.com/ Frame 4E62 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
6969bdf88a5cce710189e26a5b582a593cbfc5d6c5c0c4d1c29bc70566837677

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1214
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:27 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
crum
dsum-sec.casalemedia.com/ Frame 8E81
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822873281840
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822873281840
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822873281840
Content-Length
0
ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8E81 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:92c5:57a0:36d6:5a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ibs:dpid=23728&dpuuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
dpm.demdex.net/ Frame 8E81 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.117.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-117-77.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-056fb80c8.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3NbIQ3m4T2I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatchredir
ssum-sec.casalemedia.com/ Frame 8E81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
csync.loopme.me/ Frame 8E81 		0
0
user-registering
ads.stickyadstv.com/ Frame 8E81 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.98.139.150 Chicago, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:27 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693793847802090-485
tp_out
d.adroll.com/cm/index/ Frame 8E81 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:330d:d91c:ff43:9dc5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 8E81 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
68GDBFHS6SGN13K00VX8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8E81 		43 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPU.MAL8NXL8cEAE-8TFkQAA%26938=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
16568
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012bc7c1b7e3708-MIA
content-length
43
expires
Tue, 05 Sep 2023 02:17:27 GMT
async_usersync
ib.adnxs.com/ Frame E143 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
an-x-request-uuid
307a1b44-cdf8-4688-93e8-0c6b81a3505a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 9825 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPU.MAL8NXL8cEAE-8TFkQAA%26938&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.98.139.150 Chicago, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:27 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693793847878067-458
ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9825 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:92c5:57a0:36d6:5a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
tp_out
d.adroll.com/cm/index/ Frame 9825 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:330d:d91c:ff43:9dc5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 9825
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.36.238 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELIkRVbpQp-BvmnhejmWe9Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9825 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
36N1RJ8GFF6AQV55FV77
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=23728&dpuuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938
dpm.demdex.net/ Frame 9825 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPU.MAL8NXL8cEAE-8TFkQAA%26938?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.117.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-117-77.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-04db09df7.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
TYqNQ2WWRxg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
csync.loopme.me/ Frame 9825 		0
0
ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9825
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a05:92c5:57a0:36d6:5a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 9825 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc7c8dc2da83-MIA
content-length
43
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 9A14 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.121.87 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-121-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:37:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58748
Connection
keep-alive
Content-Length
10123
Expires
Mon, 04 Sep 2023 18:36:35 GMT
xuid
eb2.3lift.com/ Frame 4E62
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=-EKJ4P0T3OXjRdnsqE7CtPxOjezjEIq0_xKE9JeM
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=-EKJ4P0T3OXjRdnsqE7CtPxOjezjEIq0_xKE9JeM
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=-EKJ4P0T3OXjRdnsqE7CtPxOjezjEIq0_xKE9JeM
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
xuid
eb2.3lift.com/ Frame 4E62
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=23a1aa33e7ec0706&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAABp91Ff6SlJQNp76bpAAAAAAA&expiration=1693880247&is_secure=true&gdpr_consent=&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAABp91Ff6SlJQNp76bpAAAAAAA&expiration=1693880247&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAABp91Ff6SlJQNp76bpAAAAAAA&expiration=1693880247&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame 4E62
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAEzzU7J6nwAACbk4ScR2w&dongle=bzwx&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAEzzU7J6nwAACbk4ScR2w&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAEzzU7J6nwAACbk4ScR2w&dongle=bzwx&gdpr=0
Date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 4E62
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=789c64f5-3e31-4100-b68c-6bef558fd551&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=789c64f5-3e31-4100-b68c-6bef558fd551&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 04 Sep 2023 02:17:27 GMT
Server
MT3 1031 59fd23a master iad iad-pixel-x18 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eb2.3lift.com/xuid?mid=3690&xuid=789c64f5-3e31-4100-b68c-6bef558fd551&dongle=3995&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Sep 2023 02:17:26 GMT
xuid
eb2.3lift.com/ Frame 4E62
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZPU_MQAAAyPauwA4&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=ZPU_MQAAAyPauwA4&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-mia-kmia1760091-MIA
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1693793848.768719,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=ZPU_MQAAAyPauwA4&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 4E62
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=d3abac0a-72dc-4079-b6bf-3a54511c4e93&dongle=31ac&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=d3abac0a-72dc-4079-b6bf-3a54511c4e93&dongle=31ac&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=4945&xuid=d3abac0a-72dc-4079-b6bf-3a54511c4e93&dongle=31ac&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame 4E62
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=C0079F51A67C45978E5DF77E05DE4DD6&dongle=yf3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=C0079F51A67C45978E5DF77E05DE4DD6&dongle=yf3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 04 Sep 2023 02:17:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=C0079F51A67C45978E5DF77E05DE4DD6&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Sep 2023 02:17:27 GMT
xuid
eb2.3lift.com/ Frame 4E62
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6547&xuid=qa45XtQKCxwmfyBqSHIl&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6547&xuid=qa45XtQKCxwmfyBqSHIl&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6547&xuid=qa45XtQKCxwmfyBqSHIl&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT, Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4E62
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_3003c761-4ac9-11ee-ba9f-12fa6b58ae11
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_3003c761-4ac9-11ee-ba9f-12fa6b58ae11
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=2715&dongle=1c5c&xuid=cuid_3003c761-4ac9-11ee-ba9f-12fa6b58ae11
date
Mon, 04 Sep 2023 02:17:27 GMT
content-type
text/plain
xuid
eb2.3lift.com/ Frame 4E62
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=3SV3kkOj1QCZ9y5&dongle=465e&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=3SV3kkOj1QCZ9y5&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:17:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:17:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-091c1306f472977d0@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=3SV3kkOj1QCZ9y5&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
csync.loopme.me/ Frame 1B0F 		0
0
cksync.php
contextual.media.net/ Frame 1B0F 		53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.120.23 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-120-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:17:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:17:28 GMT
setuid
sync.quantumdex.io/ Frame 1B0F 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=rise&uid=kDfme2pzCp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012bc7c9dddda83-MIA
content-length
43
content-type
image/gif
/
onetag-sys.com/usync/ Frame A4C0 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
PugMaster
image6.pubmatic.com/AdServer/ Frame 489C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67979007&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d5be0b1f64463b905aaecaaaa6e61ffaadbd734cecca5edb16464bf5058068a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame E628
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=6816780443
  • https://sync.1rx.io/usersync3/centro/1508/9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553?zcc=0&sspret=1&rndcb=6816780443
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:17:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:28 GMT
ETag
RX3559f5de46114ec6ac6ccf2f5ef1bc6c005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding
chunked
cm
ipac.ctnsnet.com/int/ Frame E1C1 		43 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:17:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame BAB0
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=b70f714c-1bc3-4302-a8ca-81ae5d5dae7b
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=b70f714c-1bc3-4302-a8ca-81ae5d5dae7b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 04 Sep 2023 02:17:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=b70f714c-1bc3-4302-a8ca-81ae5d5dae7b
strict-transport-security
max-age=15724800; includeSubDomains
pub
matching.truffle.bid/sync/ Frame 3C94 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:17:28 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 1395 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:28 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-f25e2111612c@version_1.568v2
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame FCD6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C0079F51A67C45978E5DF77E05DE4DD6&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C0079F51A67C45978E5DF77E05DE4DD6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:17:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 04 Sep 2023 02:17:27 GMT
expires
Sun, 03 Sep 2023 02:17:27 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C0079F51A67C45978E5DF77E05DE4DD6&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame F770
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7470802481858437332&uid=Q747080248185843...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7470802481858437332
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7470802481858437332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:17:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=23130
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:17:28 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7470802481858437332
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
setuid
sync.quantumdex.io/ Frame 5DCB 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012bc7d2ee6da83-MIA
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:17:27 GMT
server
cloudflare
/
bpi.rtactivate.com/tag/ Frame 489C 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.113.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-113-183.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:27 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
75145
i.liadm.com/s/ Frame 489C 		43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.73.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-73-10.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:27 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
qmap
sync.crwdcntrl.net/ Frame 489C 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.22.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-22-13.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.3.66
content-length
49
expires
0
/
io.narrative.io/ Frame 489C
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:546B0175-D6AA-46B9-A0AD-C2A930BF5276
  • https://io.narrative.io/?io.narrative.guid.v2=31dc30e0-4ac9-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:546B0175-D6AA-46B9-A0AD-C2A930BF5276
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=31dc30e0-4ac9-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
HTTP/1.1
Server
34.204.212.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-212-37.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:28 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=31dc30e0-4ac9-11ee-b039-16c962239a11&companyId=673&id=pubmatic_id:546B0175-D6AA-46B9-A0AD-C2A930BF5276
Date
Mon, 04 Sep 2023 02:17:28 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 489C
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4011881537103642354
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4011881537103642354
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:17:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:28 GMT
an-x-request-uuid
44a7f35d-660e-4e1b-8363-e83ade512b3f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4011881537103642354
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 489C
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0233db94-73f6-4b7d-96d6-70bb25b59c43&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0233db94-73f6-4b7d-96d6-70bb25b59c43&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:17:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0233db94-73f6-4b7d-96d6-70bb25b59c43&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 04 Sep 2023 02:17:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame A14F 		625 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95002897&p=157743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dc870500192cede964fc31b5b13f0d4c946798a7cda089f6677df08711cb40c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 04 Sep 2023 02:17:27 GMT
content-length
625
content-type
text/html; charset=UTF-8
pubmatic
s.seedtag.com/cs/cookiesync/ Frame 7DC1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Sep 2023 02:17:28 GMT
server
openresty
via
1.1 google
p
a.audrte.com/ Frame A14F
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWk1VWZGTkkzU2RRYVNQWC1EUy1aU3dpZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3547929380008100760&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
HTTP/1.1
Server
44.206.88.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-88-126.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:28 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 04 Sep 2023 02:17:28 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
g.pixel
aa.agkn.com/adscores/ Frame A14F 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-84.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:28 GMT
via
1.1 ea450411fc852f7d373f7efbe784dd74.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
IDnXmuCh22cnx2UsqZB34TA0caCEmkRp6Z4ybIC02vq5IqSuqeBkRw==
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame A14F 		0
0
2981
tags.bluekai.com/site/ Frame A14F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=546B0175-D6AA-46B9-A0AD-C2A930BF5276&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e979fbba7253bef3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=84caeabe7dca810754df0c83f721d6ba&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=28f8cc7909dee48f
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=NG1tRFl1Mkg5OVlEQjRQQQ%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEK4prbhu-mMwmu2MBk9e2WM&google_cver=1
62 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEK4prbhu-mMwmu2MBk9e2WM&google_cver=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Server
23.219.8.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-8-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 04 Sep 2023 02:17:29 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEK4prbhu-mMwmu2MBk9e2WM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame EBBD 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:28 GMT
Expires
0
Pragma
no-cache
usync
ssp.api.tappx.com/cs/ Frame 279E 		0
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=76&type=iframe&id=546B0175-D6AA-46B9-A0AD-C2A930BF5276&auxuid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:28 GMT
server
nginx
transfer-encoding
chunked
setuid
prebid-server.rubiconproject.com/ Frame 4FCA
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=818970230e
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=818970230e
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:17:28 GMT
via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=818970230e
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
FIrUHb5RUK77nUmBw26lqNsI1qQxS2zgcwa5wo89c0_0qZ9JEyMAoQ==
csync
sync.spotim.market/ Frame 7CBA 		43 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=448580&extuid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:27 GMT
Etag
257707a9de85b7d4
Server
Adtelligent
match
events-ssc.33across.com/ Frame 2082 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Mon, 04 Sep 2023 02:17:28 GMT
via
1.1 google
match
events-ssc.33across.com/ Frame D355 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Mon, 04 Sep 2023 02:17:28 GMT
via
1.1 google
usersync
usersync.gumgum.com/ Frame EE8F 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:17:28 GMT
Expires
0
Pragma
no-cache
setuid
sync.quantumdex.io/ Frame 55D7 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=546B0175-D6AA-46B9-A0AD-C2A930BF5276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012bc81c8fcda83-MIA
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:17:28 GMT
server
cloudflare
setuid
prebid-server.rubiconproject.com/ Frame 4FCA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent=
  • https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-Lbur4j1E2uEm00sMIgscSHowiZjLDx1J~A
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-Lbur4j1E2uEm00sMIgscSHowiZjLDx1J~A
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-Lbur4j1E2uEm00sMIgscSHowiZjLDx1J~A
date
Mon, 04 Sep 2023 02:17:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame E143 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:28 GMT
an-x-request-uuid
0194ddb2-3566-4b7a-a106-759d8bf5a50e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
de.tynt.com/deb/ Frame 9F63
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
1c813f41d56ed01031d68f8c525674de0f575c0c260905b922aee2715f225116

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1845
content-type
text/html
date
Mon, 04 Sep 2023 02:17:28 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:17:28 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8340000A
setuid
prebid-server.rubiconproject.com/ Frame 9F63
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1693793848818.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gd...
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212259677762089
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212259677762089
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:28 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212259677762089
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ad78321e103d19bf85068e7bf407c77f.gif
cs.admanmedia.com/ Frame 9F63 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/ad78321e103d19bf85068e7bf407c77f.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D121%26us_privacy%3D%26xu%3D%5BUID%5D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:17:29 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
match
events-ssc.33across.com/ Frame 9F63
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc1MDI2NzU4Mi90LzI/url/https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D44%26ts%3D1693793848818.3%26us_privacy%3D%26xu%3D%24!%7BTURN_UUID%7D
  • https://ssc-cms.33across.com/ps/?xi=44&ts=1693793848818.3&us_privacy=&xu=7671167391070426394
  • https://events-ssc.33across.com/match?bidder_id=44&external_user_id=7671167391070426394&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=44&external_user_id=7671167391070426394&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:29 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:28 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=44&external_user_id=7671167391070426394&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9F63
Redirect Chain
  • https://sync.1rx.io/usersync2/33across?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3D%5BRX_UUID%5D
  • https://sync.targeting.unrulymedia.com/csync/RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3DRX-3559f5de...
  • https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
  • https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:29 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:28 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
csync.loopme.me/ Frame 9F63 		0
0
match
events-ssc.33across.com/ Frame 9F63
Redirect Chain
  • https://pxl.iqm.com/i/ck/ttacross?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D123%26ts%3D1693793848818.6%26us_privacy%3D%26xu%3D%5BPUID%5D
  • https://ssc-cms.33across.com/ps/?xi=123&ts=1693793848818.6&us_privacy=&xu=4333c3a9-09d8-4906-a740-6f06cc0edf20
  • https://events-ssc.33across.com/match?bidder_id=123&external_user_id=4333c3a9-09d8-4906-a740-6f06cc0edf20&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=123&external_user_id=4333c3a9-09d8-4906-a740-6f06cc0edf20&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:29 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:28 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=123&external_user_id=4333c3a9-09d8-4906-a740-6f06cc0edf20&ts=1693793849&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9F63
Redirect Chain
  • https://cs.mobfox.com/4601c426c7c74dd7172eb80111ccb2bf.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D126%26us_privacy%3D%26xu%3D%5BUID%5D
  • https://ssc-cms.33across.com/ps/?xi=126&us_privacy=&xu=d0cd7073-0b72-4a83-80f5-0eb2bb391d01
  • https://events-ssc.33across.com/match?bidder_id=126&external_user_id=d0cd7073-0b72-4a83-80f5-0eb2bb391d01&ts=1693793850&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=126&external_user_id=d0cd7073-0b72-4a83-80f5-0eb2bb391d01&ts=1693793850&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:30 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:30 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=126&external_user_id=d0cd7073-0b72-4a83-80f5-0eb2bb391d01&ts=1693793850&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=c1729f21-84ed-3d2f-45d9-458ec7b0763f&tv=%7Bc:nawR6g,pingTime:5,time:5729,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:698%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5729,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:698,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5154~100%5D,as:%5B5154~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:219,fm:tOQOlQr+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C18113%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1c*.930203%7C1c1%7C1c2%7C1d%7C1e%7C1f%7C1g%7C1h,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:699,sis:810%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dd1:ab44:ba2a:c71f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:29 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 1068 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158111&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 21:09:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 489C 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame A14F 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157743&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync
ssp.api.tappx.com/cs/ Frame 0E69 		0
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A8961146309600924623&auxuid=
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:30 GMT
server
nginx
transfer-encoding
chunked
usync
ssp.api.tappx.com/cs/ Frame 0C10 		0
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A8961146309600924623&auxuid=
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.236.200.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.200.236.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:31 GMT
server
nginx
transfer-encoding
chunked
ads
securepubads.g.doubleclick.net/gampad/ 		10 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1810965812199201&correlator=3634086214542414&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=8352%3A1017293%2Ca.shefinds%2Cfashion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&rcs=1&ists=1&eri=1&sc=1&cookie=ID%3Da46a29fc17244e46%3AT%3D1693793841%3ART%3D1693793841%3AS%3DALNI_Mab8Hp8IQh6jPtgdAECxbwfEU24DQ&gpic=UID%3D00000d8fc381fc6f%3AT%3D1693793841%3ART%3D1693793841%3AS%3DALNI_MYpcLClJbX_Alv0IrXxc11Zh3Hnyg&abxe=1&dt=1693793852252&lmt=1693827032&adxs=0&adys=6547&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shefinds.com%2F&vis=1&psz=1600x1200&msz=0x0&fws=128&ohw=0&psts=AOrYGsk0uPv8DjMOPoQAJMenbgkwJyUj_GJXMfSWh2Pb6wGqdYF2H917JTZ52GidEff5gajvXHvxLQ8QjYtDBY0&ga_vid=1910143410.1693793839&ga_sid=1693793841&ga_hid=258654665&ga_fc=true&ga_cid=1769427027.1693793840&a3p=EhkKCnVpZGFwaS5jb20YyN7r76UxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMje6--lMUgAUgIIZA..&dlt=1693793838472&idt=1874&ppid=df2469eb-d7dd-4959-a9af-da995344024c&prev_scp=oop%3Dcontent-belt-2%26divid%3Dskm-ad-outstream-test%26st%3Dinlineoop%26inview%3Dtrue%26loc%3D1%26impuuid%3D59f6c6ec-82cf-4a15-b5c4-9a60f83891dd%26inst%3D1%26stinst%3D1%26optimera%3DNULL%26id%3D2cf79978-4ac9-11ee-bef5-0ac9557753d3%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40&cust_params=permutive%3D21967%252C32638%252C32745%252C33093%252C33097%252C33495%252C33515%252C34895%252C35238%252C38317%252C38334%252C60188%252C60189%252C61650%252C61680%252C61710%252C64902%252C72125%252C73308%252C73711%252C87946%252C88067%252C95993%252C99938%252C101194%252C105086%252C106672%252C107679%252C116913%252C116916%252C124918%252C128770%252C128795%252C132398%252C137974%252C144198%252C149161%26puid%3De463507a-8e46-46e3-900a-c55cf86d3648%26ptime%3D1693793840355%26prmtvsdk%3Dweb%26pvuuid%3Df7b45e1c-6f9f-4680-aa2b-17488febc95b%26addir%3Dbh%252F41%252F412%252F412983%252F2498530%26site%3Dshefinds%26domain%3Dshefinds.com%26urlhash%3D177546%26ci%3Dfront%26plat%3Ddesk%26pt%3D-%26schainv10%3D1.0%252C1!pmc.com%252C1179161%252C1%252C%252C%252C%26browser%3DChrome%26pageview%3D1%26admants%3DS_11586%252CS_12972%252CS_12973%252CS_4282%252CS_4283%252CS_4289%252CS_4305%252CS_4307%252CS_4700%252CS_6554%252CS_6555%252CS_6651%252CS_6655%252CS_7003%252CS_7075%252CS_8275%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005184_PG%252CIAS_3005161_PG%252CIAS_3005111_PG%252CIAS_3008366_PG%252CIAS_3007987_PG%252CIAS_3005069_PG%252CIAS_3006637_PG%252CIAS_3005151_PG%252CIAS_3005175_PG%252CIAS_3008596_PG%252CIAS_3005146_PG%252CIAS_1508023_PG%26fr%3Dtrue%26videocodecgroup%3Dall%26refresh%3Dy%26boom_session%3D108d789d1c38002&adks=3131419738&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c98884c2ffa1e05766474e52c250a0af9e63e92e2811c8cececef91b2b038fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5342
x-xss-protection
0
google-lineitem-id
6299570095
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432605763
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:17:32 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:17:32 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 1EA2 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1403243
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
TOBI9wSPT8Zk40xmkbm1Mz7R_rhrPmLNFsR9X_qqGdLh5O10vcAR6A==
ad.js
clipcentric-a.akamaihd.net/ad/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/ST=1682457080/S=SG55JwVA/ Frame 1EA2 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clipcentric-a.akamaihd.net/ad/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/ST=1682457080/S=SG55JwVA/ad.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.13 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
c465bda13b6603e33307b4f9b986e1393320ae5411bc35cb2f914b39ec85643e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:32 GMT
content-encoding
br
last-modified
Thu Jan 1 00:00:00 1970
server
Apache/2.4.56
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=3600
content-length
30766
skeleton.js
pixel.adsafeprotected.com/rjss/st/1463401/71225013/ Frame 1EA2 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/1463401/71225013/skeleton.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.46.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-46-70.compute-1.amazonaws.com
Software
/
Resource Hash
f6b6de99d9dca003b0a92ea48e892cf1a0cf2d5e4bf36d8d639795f0e228c964

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:32 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame 1EA2 		35 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=11473639&rnd=624582475&redir=https://secure.insightexpressai.com/adserver/1pixel.gif
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:1885::1ec4 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Mon, 04 Sep 2023 02:17:32 GMT
P3P
CP="NOI DSP COR NID CUR ADMa OUR STP STA"
Connection
keep-alive
Content-Length
35
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
unsafe-url
Vary
Accept-Encoding
X-Frame-Options
ALLOWALL
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache
Feature-Policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Expires
Mon, 04 Sep 2023 02:17:32 GMT
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:32 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.95.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-95-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:17:32 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
main.19.8.439.js
static.adsafeprotected.com/ Frame 1EA2 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:246c:d800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:44:02 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 bde769d41da514ce261f05fde0f91e2c.cloudfront.net (CloudFront)
x-amz-cf-pop
PIT50-P1
age
2205212
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
xPMhpTbTG2z5Eb4AhDBU3M6rX8bVy1GRRbH7gYc2WwS_xT2PXuB7gA==
truncated
/ Frame 1EA2 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f73d3456c09f91208671934c797088c1fa9ac2bbfcdd793408714dcd29ee44d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
E=in
tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=9/M=w/D=d/ Frame 1EA2 		35 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=9/M=w/D=d/E=in
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.84.17 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:33 GMT
cache-control
no-cache
server
Apache/2.4.56
content-length
35
content-type
image/gif
iU24CeEM
clipcentric-a.akamaihd.net/file/1595963/ad_q85/1682456180/ Frame 1EA2 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clipcentric-a.akamaihd.net/file/1595963/ad_q85/1682456180/iU24CeEM?f=auto
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.13 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
33137246c4635a064eea5ac65eaa8127d515684868ebafaa8aa6061564d6dd1a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.shefinds.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:33 GMT
last-modified
Tue, 25 Apr 2023 20:57:22 GMT
server
Apache/2.4.56
x-frame-options
SAMEORIGIN
content-type
image/avif
access-control-allow-origin
*
cache-control
private, max-age=31536000
content-length
40203
KEh_6YTS
clipcentric-a.akamaihd.net/file/1594702/master/1682372002/ Frame 1EA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clipcentric-a.akamaihd.net/file/1594702/master/1682372002/KEh_6YTS?f=auto
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.13 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
b30d4e5704f221c1bdfe62c6a7daff1b63eec071f9a4477dedaa78b12c9c70d0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:33 GMT
last-modified
Mon, 24 Apr 2023 21:33:26 GMT
server
Apache/2.4.56
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31536000
content-length
1446
ad.html
clipcentric-a.akamaihd.net/user-10/resources/ Frame DA34 		93 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clipcentric-a.akamaihd.net/user-10/resources/ad.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.13 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
e571945dec453fbc4c8177ad3af3f176dc562cf51fe40a10529b69e0b2b1e577

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=2592000
content-encoding
gzip
content-length
86
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:17:33 GMT
etag
"5d-5caba064d2480"
expires
Sat, 30 Sep 2023 21:05:00 GMT
last-modified
Sun, 29 Aug 2021 22:13:22 GMT
server
Apache/2.4.56
unused62
8096267
vary
Accept-Encoding
skeleton.js
static.adsafeprotected.com/ Frame 1EA2
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1463401/71225013/skeleton.js?adsafe_url=https%3A%2F%2Fwww.shefinds.com%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:97f159bb-6c63-6eac-bc28-7283e06aac88,c:nawS9v...
  • https://static.adsafeprotected.com/skeleton.js
17 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
2600:9000:246c:d800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 00:59:33 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 bde769d41da514ce261f05fde0f91e2c.cloudfront.net (CloudFront)
x-amz-cf-pop
PIT50-P1
age
2942281
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
EdCPrOk1FIg3iaK-tk__c3dLeincttJLRfbEHoAG7h1iWotIvmWYmg==

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:33 GMT
server
nginx
x-server-name
app18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 344D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:246c:d800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 bde769d41da514ce261f05fde0f91e2c.cloudfront.net (CloudFront)
x-amz-cf-pop
PIT50-P1
age
3019914
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
8qj68NjFw-Yqmp7jatOKCWE-n_Dw81IyHwWqFeWaIEsvjEPQQRmpjg==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1463401&asId=97f159bb-6c63-6eac-bc28-7283e06aac88&tv=%7Bc:nawS9Z,pingTime:-2,time:214,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:21,bdZ:80,beA:315,beZ:317,mfA:443,cmA:444,inA:444,inZ:445,prA:445,prZ:495,si:499,poA:503,poZ:515,cmZ:515,mfZ:515,loA:523,loZ:525,ltA:529,ltZ:529,mdA:318,mdZ:418%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:183%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:214,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:183,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B85~0%5D,as:%5B85~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tOQOlQr+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C181131%7C181132%7C181133%7C181134%7C181135%7C181136%7C181137%7C181138%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1b2%7C1c.930203%7C1c1%7C1c2%7C1c3%7C1c41%7C1c42%7C1c43%7C1c44%7C1c45%7C1c461%7C1c5%7C1c611%7C1c612%7C1c613%7C1c614%7C1c615%7C1c616%7C1c617%7C1c618%7C1c619%7C1c61a%7C1c61b%7C1c62%7C1c71%7C1c8%7C1c9%7C1ca%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1j11%7C1j12%7C1j131%7C1j14%7C1k1%7C1k2%7C1l%7C1m1%7C1m2%7C1m31%7C1m41%7C1m42%7C1m43%7C1m51%7C1m521%7C1m6111%7C1m612%7C1m613%7C1m62%7C1m63%7C1m64%7C1m65%7C1m66%7C1m7%7C1m8%7C1m9%7C1n%7C1o%7C1p1%7C1q1%7C1q21%7C1q3%7C1q4%7C1q51%7C1q521%7C1q6%7C1r%7C1s1%7C1t*.1463401-71225013%7C1t1%7C1u,idMap:1t*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:184,slid:%5Bgoogle_ads_iframe_/83521017293/a.shefinds/fashion_3,google_ads_iframe_/83521017293/a.shefinds/fashion_3__container__,skm-ad-outstream-test%5D,sinceFw:26,readyFired:true%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dd1:ab44:ba2a:c71f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:33 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
KEh_6YTS
clipcentric-a.akamaihd.net/file/1594702/master/1682372002/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clipcentric-a.akamaihd.net/file/1594702/master/1682372002/KEh_6YTS?f=auto
Requested by
Host: clipcentric-a.akamaihd.net
URL: https://clipcentric-a.akamaihd.net/ad/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/ST=1682457080/S=SG55JwVA/ad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.13 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
b30d4e5704f221c1bdfe62c6a7daff1b63eec071f9a4477dedaa78b12c9c70d0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:33 GMT
last-modified
Mon, 24 Apr 2023 21:33:26 GMT
server
Apache/2.4.56
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
private, max-age=31536000
content-length
1446
view
securepubads.g.doubleclick.net/pcs/ Frame 1EA2 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstczTY9nxbmbDxPMK1kSjZOdgm7sZnFVrdCLjwDlqGBzjLbGP2u6_mi_OCkSYCMNBSOSd3pyUE6rwvkLQfCBmb9Ug0Ckuvk9ryeRGHCjpssf3EVpbnjFXy6ISfCKu1CjqZsEnhyvQZxM0iBdGddd7K08LeC1AajobSzAHULSDHlwRXYseE3W25DnV23DnEUOa7Q7RJsnr6Yl_XNT1Vu8F_1bIQ58aoZhc_FLThplQ9nd_J9PikROkV-TlQ-iyLNx0C5xIrnJQzv4Pyn3NmkYJJglGEzM05NKmrqs0OckDq2QmO5T8fOAKvvEIndiHakHYzihS-JV7gf-DA&sai=AMfl-YRcPzFSgztX0mNB_iMhnIzNmSOxYRrdC11igMgmy6FNhfG0P-DIMKrncmiDbvRJPeydxLFCNGCjD7C31HWgL_GBh9gi-DKtEoqEYWNSi0-6RdLAoJlojq_1F8BPufTvyUOI2xO7z1W3knOKDjEii6s&sig=Cg0ArKJSzFv9XLpsdqDVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
B29841104.366248166;dc_pre=CJC_0ufxj4EDFeEXiAkdDpMHgg;dc_trk_aid=556964966;dc_trk_cid=191251502;ord=624582475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N1026613.3562758SHEMEDIA/ Frame 1EA2
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1026613.3562758SHEMEDIA/B29841104.366248166;dc_trk_aid=556964966;dc_trk_cid=191251502;ord=624582475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N1026613.3562758SHEMEDIA/B29841104.366248166;dc_pre=CJC_0ufxj4EDFeEXiAkdDpMHgg;dc_trk_aid=556964966;dc_trk_cid=191251502;ord=624582475;dc_lat=;dc_rdid=;tag_f...
42 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1026613.3562758SHEMEDIA/B29841104.366248166;dc_pre=CJC_0ufxj4EDFeEXiAkdDpMHgg;dc_trk_aid=556964966;dc_trk_cid=191251502;ord=624582475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Server
142.251.163.148 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1026613.3562758SHEMEDIA/B29841104.366248166;dc_pre=CJC_0ufxj4EDFeEXiAkdDpMHgg;dc_trk_aid=556964966;dc_trk_cid=191251502;ord=624582475;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
E=im,fi,wi
tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=264/M=w/D=d/ Frame 1EA2 		35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=264/M=w/D=d/E=im,fi,wi
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.84.17 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:33 GMT
cache-control
no-cache
server
Apache/2.4.56
content-length
35
content-type
image/gif
E=fq
tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=0/M=w/D=d/Q=f.1_c.1_p.1_a.1_l.1_v.1_fc.1_fp.1_fl.1_cp.... Frame 1EA2 		35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=0/M=w/D=d/Q=f.1_c.1_p.1_a.1_l.1_v.1_fc.1_fp.1_fl.1_cp.1_cl.1_pa.1_pl.1_pv.1_al.1_av.1_lv.1/E=fq
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.84.17 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:33 GMT
cache-control
no-cache
server
Apache/2.4.56
content-length
35
content-type
image/gif
E=ls:super%20push.0,li
tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=265/M=w/D=d/ Frame 1EA2 		35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=265/M=w/D=d/E=ls:super%20push.0,li
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.84.17 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:33 GMT
cache-control
no-cache
server
Apache/2.4.56
content-length
35
content-type
image/gif
E=ls:collapse%20ad%20graphic.0
tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=278/M=w/D=d/ Frame 1EA2 		35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=278/M=w/D=d/E=ls:collapse%20ad%20graphic.0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.84.17 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:33 GMT
cache-control
no-cache
server
Apache/2.4.56
content-length
35
content-type
image/gif
E=ls:full%20size%20container.0
tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=280/M=w/D=d/ Frame 1EA2 		35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=280/M=w/D=d/E=ls:full%20size%20container.0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.84.17 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:33 GMT
cache-control
no-cache
server
Apache/2.4.56
content-length
35
content-type
image/gif
E=ls:full%20page%20graphic.0
tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=280/M=w/D=d/ Frame 1EA2 		35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.clipcentric.com/s/B=312/F=1594692/C=1059343/P=24664/A=335463/L=84547/V=44526/S=8vY2Nys9/Z=1/I=116.971324.1693793852989/U=www.shefinds.com/T=280/M=w/D=d/E=ls:full%20page%20graphic.0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.84.17 -, , ASN (),
Reverse DNS
Software
Apache/2.4.56 /
Resource Hash
6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:33 GMT
cache-control
no-cache
server
Apache/2.4.56
content-length
35
content-type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1463401&asId=97f159bb-6c63-6eac-bc28-7283e06aac88&tv=%7Bc:nawSdv,time:432,type:e,im:%7Bimprf:%7Bttecl:699,ecd:216,tsecr:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:432,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:183,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B303~0%5D,as:%5B303~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:145,fm:tOQOlQr+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C181131%7C181132%7C181133%7C181134%7C181135%7C181136%7C181137%7C181138%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1b2%7C1c.930203%7C1c1%7C1c2%7C1c3%7C1c41%7C1c42%7C1c43%7C1c44%7C1c45%7C1c461%7C1c5%7C1c611%7C1c612%7C1c613%7C1c614%7C1c615%7C1c616%7C1c617%7C1c618%7C1c619%7C1c61a%7C1c61b%7C1c62%7C1c71%7C1c8%7C1c9%7C1ca%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1j11%7C1j12%7C1j131%7C1j14%7C1k1%7C1k2%7C1l%7C1m1%7C1m2%7C1m31%7C1m41%7C1m42%7C1m43%7C1m51%7C1m521%7C1m6111%7C1m612%7C1m613%7C1m62%7C1m63%7C1m64%7C1m65%7C1m66%7C1m7%7C1m8%7C1m9%7C1n%7C1o%7C1p1%7C1q1%7C1q21%7C1q3%7C1q4%7C1q51%7C1q521%7C1q6%7C1r%7C1s1%7C1t*.1463401-71225013%7C1t1%7C1u,idMap:1t*,rmeas:1,rend:0,renddet:IMG.us,siq:184,sis:405%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dd1:ab44:ba2a:c71f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:17:33 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		0
0
events
api.permutive.com/v2.0/batch/ 		0
0
dt
dt.adsafeprotected.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d3ezl4ajpp2zy8.cloudfront.net
URL
https://d3ezl4ajpp2zy8.cloudfront.net/shefindsmedia-lifestyle_tag.js
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2F&v=3
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11555&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2F&v=3
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=249286
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent=
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm494fbr&c=156629994009&slotId=78314997004.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lm494frw&c=156629994009&slotId=78314997004.5&uet=2&ghmsh_eids=44770822%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=546B0175-D6AA-46B9-A0AD-C2A930BF5276&sInitiator=external&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11575&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D122%26us_privacy%3D%26xu%3D%7Bviewer_token%7D
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1463401&asId=97f159bb-6c63-6eac-bc28-7283e06aac88&tv=%7Bc:nawStb,time:1404,type:e,env:%7Bnr_p:1%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1404,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:183,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1275~0%5D,as:%5B1275~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:113,fm:tOQOlQr+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C181131%7C181132%7C181133%7C181134%7C181135%7C181136%7C181137%7C181138%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1b2%7C1c.930203%7C1c1%7C1c2%7C1c3%7C1c41%7C1c42%7C1c43%7C1c44%7C1c45%7C1c461%7C1c5%7C1c611%7C1c612%7C1c613%7C1c614%7C1c615%7C1c616%7C1c617%7C1c618%7C1c619%7C1c61a%7C1c61b%7C1c62%7C1c71%7C1c8%7C1c9%7C1ca%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1j11%7C1j12%7C1j131%7C1j14%7C1k1%7C1k2%7C1l%7C1m1%7C1m2%7C1m31%7C1m41%7C1m42%7C1m43%7C1m51%7C1m521%7C1m6111%7C1m612%7C1m613%7C1m62%7C1m63%7C1m64%7C1m65%7C1m66%7C1m7%7C1m8%7C1m9%7C1n%7C1o%7C1p1%7C1q1%7C1q21%7C1q3%7C1q4%7C1q51%7C1q521%7C1q6%7C1r%7C1s1%7C1t*.1463401-71225013%7C1t1%7C1u,idMap:1t*,rmeas:1,rend:0,renddet:IMG.us,siq:184,sis:405%7D&br=c
Domain
api.permutive.com
URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1463401&asId=97f159bb-6c63-6eac-bc28-7283e06aac88&tv=%7Bc:nawSJi,time:2403,type:e,env:%7Bnr_vidqua_4_so_1:2%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:2403,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:183,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2275~0%5D,as:%5B2275~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:113,fm:tOQOlQr+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18111%7C18112%7C181131%7C181132%7C181133%7C181134%7C181135%7C181136%7C181137%7C181138%7C18114%7C18115%7C18116%7C18117%7C18118%7C1812%7C18131%7C18132%7C1814%7C1815%7C1816%7C1817%7C1818%7C181911%7C18192%7C181a1%7C181a2%7C181b%7C181c%7C181d%7C181e%7C181f%7C181g%7C181h1%7C181h2%7C181i%7C19%7C1a%7C1b1%7C1b2%7C1c.930203%7C1c1%7C1c2%7C1c3%7C1c41%7C1c42%7C1c43%7C1c44%7C1c45%7C1c461%7C1c5%7C1c611%7C1c612%7C1c613%7C1c614%7C1c615%7C1c616%7C1c617%7C1c618%7C1c619%7C1c61a%7C1c61b%7C1c62%7C1c71%7C1c8%7C1c9%7C1ca%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1j11%7C1j12%7C1j131%7C1j14%7C1k1%7C1k2%7C1l%7C1m1%7C1m2%7C1m31%7C1m41%7C1m42%7C1m43%7C1m51%7C1m521%7C1m6111%7C1m612%7C1m613%7C1m62%7C1m63%7C1m64%7C1m65%7C1m66%7C1m7%7C1m8%7C1m9%7C1n%7C1o%7C1p1%7C1q1%7C1q21%7C1q3%7C1q4%7C1q51%7C1q521%7C1q6%7C1r%7C1s1%7C1t*.1463401-71225013%7C1t1%7C1u,idMap:1t*,rmeas:1,rend:0,renddet:IMG.us,siq:184,sis:405%7D&br=c

Verdicts & Comments Add Verdict or Comment

451 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| documentPictureInPicture object| marfeel object| mrf boolean| isMobileDevice function| $ function| jQuery function| validateEmail function| mobileMoveRight function| mobileMoveLeft function| ccbForcedQueries function| editorialForcedQueries function| resize_single_cols function| sfCustomFBShare function| putPersonCreate function| form_subscribe function| isElementInViewport object| Sha1 object| __core-js_shared__ object| _bt object| email_subscr function| get_cookie string| BOOMTRAIN_API_KEY_1 string| BOOMTRAIN_API_KEY_2 function| gtag object| dataLayer function| fbAsyncInit object| blogherads function| fbq function| _fbq object| _mag function| hj object| _hjSettings function| kwa object| se object| fs object| _qevents function| lightboxjs function| lightboxlib string| sbiajaxurl function| validatewEmail function| setCookie function| getCookie function| setMyCookie object| cookieOverlay object| cookieBottom object| $lightboxOverlay object| $lightboxBottom number| windowHeight number| windowWidth object| $lightboxOverlayContent object| $lightboxOverlayContentHTML object| $lightboxOverlayClose object| $lightboxOverlayImage undefined| lightboxOverlayImageWidth undefined| lightboxOverlayImageHeight object| visit object| expire object| $lightboxBottomContent object| $lightboxBottomContentHTML object| $lightboxBottomClose object| $lightboxBottomImage undefined| lightboxBottomImageWidth undefined| lightboxBottomImageHeight object| PARSELY object| __pmc_atlas_mg_webpack_jsonp__ object| MoatUA object| __pmc_atlasmg_pbjs object| _pbjsGlobals function| __uspapi object| regeneratorRuntime function| runWidgets object| FB function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| amzn_assoc_ad object| blockedMarketPlacesJson object| blockedViewerCountriesJson function| amzn_assoc_jsonp_callback_adunit_0 function| amzn_assoc_client_cb_0 object| google_tag_manager object| google_tag_data object| mobileMargins object| BAMX function| P function| Composable object| BAMX_EVENT_DATA object| NRTV_EVENT_DATA object| NRTV_LINKMATE_DATA object| NRTV_CLICKMATE_DATA object| googletag object| gaGlobal object| DataLayer function| ___RMCMPW object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| _skmPageViewId object| _comscore number| rhombusSiteId object| permutive string| GoogleAnalyticsObject function| ga object| pmc_atlasmg_ga4_datalayer function| quantserve function| __qc object| ezt object| _qoptions object| _aps boolean| apstagLOADED object| apstag object| DIGIOH_API object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV undefined| jQuery171010820857658037153_1693793839458 object| __buffer object| headertag object| TCD0zQ2 function| TCD0zQ3 object| xop object| hvb88vuhgxs object| 1meuibv6zy80 object| GlobalSnowplowNamespace function| snowplowKW object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| gaplugins object| gaData string| p1223358051 string| p1223358106 number| p1223358107 function| p1223358165 function| oAddDVTag_ function| oGetPageStats_ function| p1223358136 function| oGetSlotRenderedLineItemIdByDivId_ function| p1223358131 function| p1223358128 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p1223358125 function| oProdKPageViews_ function| oCheckDump_ function| oCheckProdK_ function| p1223358108 function| p1223358104 function| p1223358161 function| p1223358102 function| p1223358114 function| p1223358111 function| p1223358109 function| p1223358085 function| p1223358090 function| p1223358076 function| p1223358075 function| p1223358073 function| p1223358066 function| oEnableNullChecklistener_ function| p1223358118 function| p1223358057 function| oPageUnload function| p1223357986 function| p1223357991 function| oSetDataParam function| p1223358110 number| p1223357976 string| p1223357977 object| p1223357978 object| p1223357979 boolean| p1223357980 number| p1223357982 number| p1223357983 object| p1223358004 string| p1223358046 number| p1223357987 object| p1223358054 string| p1223358022 string| p1223358023 object| p1223358060 number| p1223358061 boolean| p1223358065 number| p1223358067 boolean| p1223358069 boolean| p1223358119 boolean| p1223358094 boolean| p1223358121 boolean| oObserverChanges_ boolean| p1223358120 boolean| p1223358122 boolean| oAudienceListenerEnabled_ object| p1223358071 string| oDevice string| p1223358159 number| p1223358162 string| oParentHostname_ string| oParentPathname_ boolean| p1223358072 boolean| p1223358074 number| p1223358089 boolean| p1223358091 number| p1223358092 object| p1223358081 object| oAdSlots_ object| otkjs boolean| p1223358112 boolean| p1223358113 object| optimeraInsights string| p1223358123 object| oLoadedAdImpressionDivs_ object| oTrackSlots_ object| p1223358134 object| p1223358135 boolean| oEnableInfiniteScrollUrls_ boolean| p1223358130 object| p1223358133 object| p1223358137 boolean| oHasStnVideo_ object| p1223358160 boolean| oActivateK_ object| oRPMCids_ object| oRPMHosts_ string| oUniqueId_ object| oDumpedDivs_ object| p1223358164 boolean| p1223358166 string| p1223358031 function| p1223357984 string| p1223357985 boolean| p1223358053 boolean| p1223358033 object| p1223358032 number| p1223358035 undefined| p1223358139 undefined| p1223358140 object| opbjs object| oaudLibjs object| ovpjs number| p1223358034 object| oDv object| oVa object| mly1Oy function| mly1OI object| xblacklist function| kso_0_0x180919 function| kso_0_0x2e98 function| RhScanner function| kso_0_0x1ffd object| krg_so string| sc_rid object| SocialCanvas object| socialCanvas object| CtJL7S2 function| CtJL7S3 function| xblocker number| p1223357988 object| prodKObj string| oUrl_ object| COMSCORE object| ns_p object| ggeac object| google_js_reporting_queue object| Snowplow object| jQuery171010820857658037153 object| apscustom function| setImmediate function| clearImmediate object| ats number| oIndex4_ number| p1223358003 object| scpbjsChunk object| scpbjs object| mnet undefined| google_measure_js_timing object| Criteo object| lotame_sync_16576 function| ha object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_na object| sync16576_wa object| sync16576_xa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_ma function| sync16576_N function| sync16576_O function| sync16576_oa function| sync16576_P function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_Q function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_R function| sync16576_S function| sync16576_ya function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_za function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Da function| sync16576_Aa function| sync16576_1 function| sync16576_Ca function| sync16576_Ba function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ia function| sync16576_Ea function| sync16576_7 function| sync16576_Ha function| sync16576_Ka function| sync16576_Ja function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_$ function| sync16576_Pa function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa object| PublisherCommonId object| au number| google_unique_id object| auvars function| docReady object| autag object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo_identitytag_140 object| __uid2SecureSignalProvider object| __uid2 object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 boolean| DFPMessageEnabled function| Tapad object| __IntegralASExec number| google_global_correlator object| closure_lm_495407

398 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgAIQmJPs76UxCgoIgQIQ-IHs76UxCgoIhwIQ9_jr76UxCgkICRD3-OvvpTEKCQhJEPiB7O-lMQoJCAsQ-IHs76UxCgoIiwIQmJPs76UxCgoIjAIQ9_jr76UxCgoIzgEQ-IHs76UxCgoIjgEQmJPs76UxCgoIkQIQ-IHs76UxCgoIkgIQ-IHs76UxCgoIlAIQmJPs76UxCgoI1gEQmJPs76UxCgkIGxD4gezvpTEKCgidAhCYk-zvpTEKCgjeARD4gezvpTEKCQhfEPf46--lMQoJCB8Q9_jr76UxCgoIoQEQ9_jr76UxCgoI4gEQ9_jr76UxCgoI4wEQmJPs76UxCgoI5gEQ9_jr76UxCgoI5wEQmJPs76UxCgoIrAIQ-IHs76UxCgoIrQIQ-IHs76UxCgoItAIQ9_jr76UxCgkIORCYk-zvpTEKCQg6EPf46--lMQoKCP8BEJiT7O-lMQ==
i6.liadm.com/s Name: _li_ss
Value: CgA
i.liadm.com/s Name: _li_ss
Value: ChkKCQj_____BxCCFgoFCAsQ-BUKBQgMEIIW
.shefinds.com/ Name: btIdentify
Value: d39439bd-14a5-4275-8034-f50a6399855f
.shefinds.com/ Name: _bti
Value: %7B%22bsin%22%3A%22%22%7D
.shefinds.com/ Name: _bts
Value: 4f2e9b72-b2fc-4dbc-abbd-7e0785689a3d
.lightboxcdn.com/ Name: _cfuvid
Value: 92Yw8F8hhmWLU_SAHoYW21MoKywhv1IgPzh60vnuO94-1693793838865-0-604800000
www.shefinds.com/ Name: cookie_two
Value: here
.shefinds.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.shefinds.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1693793839031%2C%22slts%22:0}
.shefinds.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=239153f5d357777b9edc030cbb4bfaaf%22%2C%22session_count%22:1%2C%22last_session_ts%22:1693793839031}
.shefinds.com/ Name: pmc_atlasmg_id
Value: df2469eb-d7dd-4959-a9af-da99d334de3d
.shefinds.com/ Name: __td_signed
Value: true
.shefinds.com/ Name: _td
Value: 3a344566-469e-4696-9ea4-327c06730194
.shefinds.com/ Name: __td_blockEvents
Value: false
.shefinds.com/ Name: _fbp
Value: fb.1.1693793839435.1043375870
.narrativ.com/ Name: uid_bam
Value: 1818697286878933585
.shefinds.com/ Name: kw.session_ts
Value: 1693793839624
.shefinds.com/ Name: kw.pv_session
Value: 1
.shefinds.com/ Name: _hjSessionUser_368258
Value: eyJpZCI6ImJiYzBmYjk0LTk2NDktNTcxYS1iZjkyLTkxNDkxZDBmOWUyYiIsImNyZWF0ZWQiOjE2OTM3OTM4Mzk2NTQsImV4aXN0aW5nIjpmYWxzZX0=
.shefinds.com/ Name: _hjFirstSeen
Value: 1
.shefinds.com/ Name: _hjIncludedInSessionSample_368258
Value: 0
.shefinds.com/ Name: _hjSession_368258
Value: eyJpZCI6Ijg5NWYwZjBmLWY1MzMtNDY3OC04NzExLWNkN2IzMjE4NDdjOCIsImNyZWF0ZWQiOjE2OTM3OTM4Mzk2NTUsImluU2FtcGxlIjpmYWxzZX0=
.shefinds.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.shefinds.com/ Name: _gid
Value: GA1.2.1769427027.1693793840
.shefinds.com/ Name: _gat_pmcBoomerang
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A8IYqj_5CE-3mYHs3eSSw9o
.adsrvr.org/ Name: TDID
Value: 7928e066-76a9-463e-af89-7ce88bea635d
.liadm.com/ Name: lidid
Value: d3cf66ec-fc8a-455f-b615-5cc76c73542a
.rkdms.com/ Name: sessionid
Value: h-c66d554be220949c547c15c5ec64ddfa_t-1693793839
.shefinds.com/ Name: permutive-id
Value: e463507a-8e46-46e3-900a-c55cf86d3648
.lightboxapi.azurewebsites.net/ Name: TiPMix
Value: 93.19479144744611
.lightboxapi.azurewebsites.net/ Name: x-ms-routing-name
Value: self
.3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co/ Name: pxid
Value: 04426e2d-b621-46d2-90cc-564464620de1
.shefinds.com/ Name: _sp_ses.20dc
Value: *
.shefinds.com/ Name: _sp_id.20dc
Value: 9470e18d-8523-4c94-abc8-3dcc77d09e3e.1693793840.1.1693793840.1693793840.4a3fc116-1f39-4540-b348-a3f0d0efa5b3
.scorecardresearch.com/ Name: UID
Value: 1DC1f425dd9a3e6f55d81ed1693793840
.quantserve.com/ Name: mc
Value: 64f53e30-369f8-a28b9-fea1d
www.shefinds.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.shefinds.com/ Name: _lr_retry_request
Value: true
www.shefinds.com/ Name: _lr_env_src_ats
Value: false
.shefinds.com/ Name: _ga_CGRZHQ8KQD
Value: GS1.1.1693793840.1.0.1693793840.60.0.0
.shefinds.com/ Name: __qca
Value: P0-621095924-1693793839382
www.shefinds.com/ Name: _lr_geo_location
Value: US
www.shefinds.com/ Name: _lr_geo_location_state
Value: FL
.gumgum.com/ Name: cs
Value: true
.justpremium.com/ Name: jpxumaster
Value: r-dad2e94d-5bdd-43fd-83d7-963b6bf43e4b-158060-635452036
.justpremium.com/ Name: jpxsession
Value: r-ec0d2ce2-23b0-457f-95a3-e0ff92d3ffcb-158060-635528405
.justpremium.com/ Name: jpxuuid
Value: r-c9811622-93af-44c7-b87b-378461cd0df0-158060-635561753
.gumgum.com/ Name: vst
Value: u_5acc3aaa-1709-48bc-996d-7993392c2d49
.lijit.com/ Name: ljt_reader
Value: HQzJeBZHuGCrpGR8Q52pzqdh
.yahoo.com/ Name: A3
Value: d=AQABBDA-9WQCEPeEwIw2Hq69UJ4B8ZYPQBQFEgEBAQGP9mT_ZNxH0iMA_eMAAA&S=AQAAAsErNfPMQcCGY0__A9ytGLk
.kargo.com/ Name: ktcid
Value: abacee79-2299-0435-1266-26455dfb7c67
.shefinds.com/ Name: lotame_domain_check
Value: shefinds.com
.a-mo.net/ Name: amuid2
Value: e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7
.prebid.a-mo.net/ Name: sd_amuid2
Value: e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7
.casalemedia.com/ Name: CMID
Value: ZPU.MAL8NXL8cEAE-8TFkQAA
.casalemedia.com/ Name: CMPS
Value: 938
.casalemedia.com/ Name: CMPRO
Value: 938
.rubiconproject.com/ Name: khaos
Value: LM494BTJ-1P-8OPA
.seedtag.com/ Name: st_uid
Value: 78ba3b26-23bc-4e4c-befb-dab3d6a398be
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPVVuaXRlZCBTdGF0ZXMmY291bnRyeV9pc28yPVVTJmNvdW50cnlfaXNvMz1VU0EmcmVnaW9uX25hbWU9RmxvcmlkYSZyZWdpb25faXNvMj1GTCZjaXR5X25hbWU9TWlhbWkmbG9uZ2l0dWRlPS04MC4zOTI3JmxhdGl0dWRlPTI1LjkwOTImbWV0cm89NTI4JnppcD0zMzAxOA==
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 84caeabe7dca810754df0c83f721d6ba
.shefinds.com/ Name: _cc_id
Value: 84caeabe7dca810754df0c83f721d6ba
.shefinds.com/ Name: panoramaId_expiry
Value: 1693880240814
.undertone.com/ Name: UTID_ENC
Value: 4bywjpflk0hcx6zrrym79v937
.undertone.com/ Name: UTID
Value: 492e50f022874344a9db824ccc7e44c3
.brand-display.com/ Name: _knxq_
Value: b56d40b5-7773-1242-2f6aa0d4.1693793840.0.1693793840.1693793840
.shefinds.com/ Name: _au_1d
Value: AU1D-0100-001693793841-FI5KD5ET-NTNO
.shefinds.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE2OTM3OTM4NDEsInR0ZCI6MTY5Mzc5Mzg0MSwicHViIjoxNjkzNzkzODQxLCJydWIiOjE2OTM3OTM4NDEsInRhcGFkIjoxNjkzNzkzODQxLCJhZHgiOjE2OTM3OTM4NDEsImdvbyI6MTY5Mzc5Mzg0MSwic21hcnQiOjE2OTM3OTM4NDEsImFtbyI6MTY5Mzc5Mzg0MSwic29uIjoxNjkzNzkzODQxfQ%3D%3D
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adform.net/ Name: C
Value: 1
.adnxs.com/ Name: uuid2
Value: 4011881537103642354
.tapad.com/ Name: TapAd_TS
Value: 1693793841103
.tapad.com/ Name: TapAd_DID
Value: 8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec
.shefinds.com/ Name: _ga
Value: GA1.2.1910143410.1693793839
.adform.net/ Name: uid
Value: 3547929380008100760
.doubleclick.net/ Name: IDE
Value: AHWqTUmoxQIO--dyjBIfNVu2Qt_ocxncTOn1v503aGNPTrb_-Wo5yXM3YOVzt3ZWxeY
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 546B0175-D6AA-46B9-A0AD-C2A930BF5276
.openx.net/ Name: i
Value: 2f46bdb0-e94d-0f65-1598-a192249c1c7d|1693793841
.3lift.com/ Name: tluid
Value: 3934349205523529802736
.simpli.fi/ Name: suid
Value: C0079F51A67C45978E5DF77E05DE4DD6
.smartadserver.com/ Name: pid
Value: 1869577055167662355
.yieldmo.com/ Name: yieldmo_id
Value: 3Rc7eqqnn7qDpk7WJcMz%7C1693785600000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: unl%3D1177085%7Ctapad%3D1177085%7Cpub%3D1177085%7Cdv360%3D1177085%7Can%3D1177085
.smaato.net/ Name: SCM
Value: 818970230e
.smaato.net/ Name: SCMaps
Value: 818970230e
.yellowblue.io/ Name: wrvUserID
Value: kDfme2pzCp_s
.go.sonobi.com/ Name: __uis
Value: 6275276a-1c31-4f7d-a3ea-7cf382941856
.criteo.com/ Name: uid
Value: 6b3993bb-7262-427d-8897-2ad913a7b869
.minutemedia-prebid.com/ Name: wrvUserID
Value: MffyelMzkp_mm
.turn.com/ Name: uid
Value: 7671167391070426394
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjKxVLIyNLM0NTAwNjEx1FGyNEflG6FyTYzRlJsg82sBhzUQBw%3D%3D
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 38aa4246-e467-4cc5-9f7c-952976286688
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZPU_MQAAAyPauwA4
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: e1da7c6c72aae66b
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.contextweb.com/ Name: V
Value: zgn5cAUresle
.advertising.com/ Name: A3
Value: d=AQABBDE-9WQCELysOIOx066MJ9uItaQjgsYFEgEBAQGP9mT_ZNxH0iMA_eMAAA&S=AQAAAhJE-wLsUrNsedq6VKgWr6Y
.bidswitch.net/ Name: c
Value: 1693793841
.bidswitch.net/ Name: tuuid_lu
Value: 1693793841
.openx.net/ Name: univ_id
Value: 537072971|7928e066-76a9-463e-af89-7ce88bea635d|1693793841451096
.360yield.com/ Name: tuuid_lu
Value: 1693793841
.360yield.com/ Name: tuuid
Value: d28fcfe5-3705-4821-8ffc-49f439ce1b44
.deepintent.com/ Name: CDIUSER
Value: di_4180617bbf17460393dff
.ads.yieldmo.com/ Name: ptran
Value: 4011881537103642354
.bfmio.com/ Name: __169_cid
Value: 7671167391070426394
.ipredictive.com/ Name: cu
Value: ef64a777-f1cd-43a8-a50e-1af8b0183d5c|1693793841525
.technoratimedia.com/ Name: tads_uidp_44
Value: LM42VD7V-14-LYXQ
.technoratimedia.com/ Name: tads_uidp_88
Value: 802478536240090136476
.technoratimedia.com/ Name: tads_uidp_45
Value: 33EAD8FF-CDBC-4FB2-8DA7-00F4584842DA
.technoratimedia.com/ Name: tads_uidp_46
Value: 2808652138611183062
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e29f957-8bcf-4dd8-bc1b-49b147223133
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAGqa71rfRgjQNAi8W9AAAAAAA
.technoratimedia.com/ Name: tads_uidp_90
Value: dd6efeea-2c59-4a87-b0ac-dbac85afd4f7
.technoratimedia.com/ Name: tads_uidp_91
Value: 2048915037081700588brt56841675014149615267a0
.technoratimedia.com/ Name: tads_uidp_70
Value: 1622253365053-949194170222-008367-009-004841
.technoratimedia.com/ Name: tads_uidp_50
Value: 84d493ce-1c26-4075-8843-67d68b072782
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-5575f3e1-308b-4f0d-adcb-0dda5fb76792-005
.technoratimedia.com/ Name: tads_uidp_77
Value: zS8c7EWLh5dma92bBrejlbnMAna2NyZdREopAPanuD8
.technoratimedia.com/ Name: tads_uidp_79
Value: 0a8dd11e-745a-4322-b095-303767e6450f
.technoratimedia.com/ Name: tads_uidp_37
Value: bf21a4d8-a510-3880-aba4-ca1e92ccdee5
.technoratimedia.com/ Name: tads_uidp_16
Value: 1543803565212
.technoratimedia.com/ Name: tads_uidp_7
Value: 337d18e7-d735-4638-a9f1-f54b074e6fa8
.technoratimedia.com/ Name: tads_uidp_80
Value: y-OgLWj4xE2uFZz.E2cD3PuDEl7wRaaOtK~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZPUVMLiiIgAsQztXceSw0wAA&2769
.technoratimedia.com/ Name: tads_uidp_61
Value: 212259490056733
.technoratimedia.com/ Name: tads_uidp_83
Value: XDRyPC3y39Ya
.technoratimedia.com/ Name: tads_uidp_62
Value: 3367849441523995000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: 2LfBo8Dbdfbvq11b21_7X3qvTUj_CVvI
.technoratimedia.com/ Name: tads_uid
Value: 325EFEFEE69D4CC091A3A44A64B0FD63
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230206233052+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1687042535605
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-eb067bed-7771-5702-6904-f1a213a26691.CCcTqXk3GKuZgSvnWo0K4Glf6e4zwUAkLnWLfrZZZ%2BE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-eb067bed-7771-5702-6904-f1a213a26691.CCcTqXk3GKuZgSvnWo0K4Glf6e4zwUAkLnWLfrZZZ%2BE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A6wZ77XdxVwJpBPGiE6JmkSaEdkw.mgS%2BNT3y1%2FJXugZDDwCVQYPSpfHaiFs05nMOYWF0jVw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A6wZ77XdxVwJpBPGiE6JmkSaEdkw.mgS%2BNT3y1%2FJXugZDDwCVQYPSpfHaiFs05nMOYWF0jVw
.outbrain.com/ Name: obuid
Value: 1e655a16-c129-40ca-a02f-393ec808db4d
.33across.com/ Name: 33x_ps
Value: u%3D212259677762089%3As1%3D1693793841528%3Ats%3D1693793841528
.omnitagjs.com/ Name: ayl_visitor
Value: 91b287752595b0928c3fe9c48677b9d0
.zemanta.com/ Name: zuid
Value: pJzQ7WI8Qm9vWQAlMsLp
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-6a35ffea-8057-313e-bfb9-3e646aac53b8
.blismedia.com/ Name: b
Value: 64F53E3127AFA2DFC8376295BLIS
.bidswitch.net/ Name: tuuid
Value: e8def573-4079-4fed-a230-54596150311f
.sitescout.com/ Name: ssi
Value: 9709dbeb-411f-4392-b1bb-00afbb473d81#1693793841560
.krxd.net/ Name: _kuid_
Value: PxmljCBt
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: b0231eb4-a9f2-53f7-952d-4f68f1d87159
.betweendigital.com/ Name: ss
Value: 1
.bfmio.com/ Name: __106_cid
Value: 7928e066-76a9-463e-af89-7ce88bea635d
.bfmio.com/ Name: __bfio_sync
Value: 5A52D76ACE22F09D8C3916DC043C149D
.bfmio.com/ Name: __io_cid
Value: 7928e066-76a9-463e-af89-7ce88bea635d
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILOkp0tJIG5yA_iq_H4rDZAgPpUGIdiJeXPMFI9-aN6zEHwYBCCx_NSnBjABOgRDMKv5QgRJFbFs.PjoGoUIzm2bYkIA69AVFa21ZJorI5Kw60x%2FP7sxhz90
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILOkp0tJIG5yA_iq_H4rDZAgPpUGIdiJeXPMFI9-aN6zEHwYBCCx_NSnBjABOgRDMKv5QgRJFbFs.PjoGoUIzm2bYkIA69AVFa21ZJorI5Kw60x%2FP7sxhz90
.id5-sync.com/ Name: callback
Value:
.media.net/ Name: visitor-id
Value: 3367954411524477000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.demdex.net/ Name: demdex
Value: 37325644865334343530996390913382611896
.admixer.net/ Name: am-uid
Value: 2c13604cc4584d1995e49827a64c2897
.shefinds.com/ Name: cto_bundle
Value: jJYQjV8zamFiQzJPVEdVT0RxdFV3JTJGYjUyWG4lMkIxSUQ1UkxPUm1xMnNoZ0E3c3dzVjJOQk9iMkRtZWElMkJsU0FQUmFrRDV6a0FkWnFpZzl2JTJCcXQydHJRV3lsZG9KWlRFZGxpWFZiTEpZMWtJalVyWUlQTHN2aEExODIlMkJuODE2MjNlJTJGJTJCWjRadGVHY0lrOCUyQklLaGFLQzRlQk9HN0JBJTNEJTNE
.undertone.com/ Name: UID_EXT_46
Value: 7928e066-76a9-463e-af89-7ce88bea635d
.undertone.com/ Name: UID_EXT_57
Value: ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
.undertone.com/ Name: UID_EXT_39
Value: b787e5ce-4065-0cf1-25cb-76bdb7170fd2
.undertone.com/ Name: UID_EXT_56
Value: y-70lmELdE2uFYfjk5c.xD9t3xIJYO_ELvJyAImdQ-~A
.eqads.com/ Name: EQUser
Value: UID=954cc683-4c37-4611-8406-3ce451d1e04b
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bfmio.com/ Name: __166_cid
Value: 2c13604cc4584d1995e49827a64c2897
.bluekai.com/ Name: bku
Value: ikG99eWI2VEjbJxJ
.bidr.io/ Name: bito
Value: AAEzzU7J6nwAACbk4ScR2w
.bidr.io/ Name: bitoIsSecure
Value: ok
.dpm.demdex.net/ Name: dpm
Value: 37325644865334343530996390913382611896
.undertone.com/ Name: UID_EXT_47
Value: LM494BTJ-1P-8OPA
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:C0079F51A67C45978E5DF77E05DE4DD6&KRTB&23486-uid:C0079F51A67C45978E5DF77E05DE4DD6&KRTB&23489-uid:C0079F51A67C45978E5DF77E05DE4DD6
.shefinds.com/ Name: __gads
Value: ID=a46a29fc17244e46:T=1693793841:RT=1693793841:S=ALNI_Mab8Hp8IQh6jPtgdAECxbwfEU24DQ
.shefinds.com/ Name: __gpi
Value: UID=00000d8fc381fc6f:T=1693793841:RT=1693793841:S=ALNI_MYpcLClJbX_Alv0IrXxc11Zh3Hnyg
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBIFCuL02ctOmxY2EnZKdvU&KRTB&23025-CAESEBIFCuL02ctOmxY2EnZKdvU&KRTB&23386-CAESEBIFCuL02ctOmxY2EnZKdvU
.creativecdn.com/ Name: u
Value: qa45XtQKCxwmfyBqSHIl
.creativecdn.com/ Name: ts
Value: 1693793841
.bfmio.com/ Name: __168_cid
Value: AAEzzU7J6nwAACbk4ScR2w
.pippio.com/ Name: did
Value: coXl8zVLgVTx3Ttr
.pippio.com/ Name: didts
Value: 1693793841
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CLH81KcGEgYIgr0rEAA=
.server.cpmstar.com/ Name: USER_ID
Value: W%3b%fb%c9%82%1b%ee%27%7d%ad%ef(Sp%7c
.sharethrough.com/ Name: stx_user_id
Value: 5006350c-a261-44d7-84dd-dbea8f08b6e4
.addthis.com/ Name: ouid
Value: 64f53e3100014be4196dc1dfa6dfe0c3ccba575fa41b61c7f1ba
.addthis.com/ Name: uid
Value: 64f53e3144b85b9d
.addthis.com/ Name: na_id
Value: 2023090402172174000286384242
.mathtag.com/ Name: uuid
Value: 789c64f5-3e31-4100-b68c-6bef558fd551
.linkedin.com/ Name: bcookie
Value: "v=2&667cdc18-efde-43ba-8a02-140ee43a8429"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3037:u=1:x=1:i=1693793841:t=1693880241:v=2:sig=AQE_lIiohFhHobw3NssoFOAMZhxql7Wy"
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-7928e066-76a9-463e-af89-7ce88bea635d&KRTB&22918-7928e066-76a9-463e-af89-7ce88bea635d&KRTB&23031-7928e066-76a9-463e-af89-7ce88bea635d
.mfadsrvr.com/ Name: tuuid
Value: d3abac0a-72dc-4079-b6bf-3a54511c4e93
.mfadsrvr.com/ Name: c
Value: 1693793841
.storygize.net/ Name: U
Value: f3ecbccc-aea0-40f7-af63-e68aebb6f2f1
.socdm.com/ Name: SOC
Value: ZPU.McCo5uYAAFGFxvUAAAAA
.shefinds.com/ Name: _ga_SPS2TCRBW2
Value: GS1.1.1693793839.1.0.1693793842.0.0.0
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5930-2!5930-3!5930
.undertone.com/ Name: UID_EXT_54
Value: 9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553
.ads.yieldmo.com/ Name: ptrunl
Value: RX-a8ae4ae0-6744-40a6-89da-320e02e0e33f-005
.mfadsrvr.com/ Name: tuuid_lu
Value: 1693793842
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.linkedin.com/ Name: li_sugr
Value: a2159579-e179-46ac-a581-32e54fcaa8a9
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005%22%7D
.bfmio.com/ Name: __178_cid
Value: f3ecbccc-aea0-40f7-af63-e68aebb6f2f1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7671167391070426394&KRTB&23150-7671167391070426394
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
www.shefinds.com/ Name: TAPAD
Value: %7B%22id%22%3A%2239732a02-dfc5-4de3-a73e-56ae815ec634%22%7D
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAACqLm9CWEhUAMIhyVHAAAAAAA&KRTB&22713-AAACqLm9CWEhUAMIhyVHAAAAAAA&KRTB&22715-AAACqLm9CWEhUAMIhyVHAAAAAAA&KRTB&23519-AAACqLm9CWEhUAMIhyVHAAAAAAA
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 2_1693793840_1693793844
.lijit.com/ Name: _ljtrtb_92
Value: 4011881537103642354
.doubleclick.net/ Name: DSID
Value: NO_DATA
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-ef64a777-f1cd-43a8-a50e-1af8b0183d5c&KRTB&23011-ef64a777-f1cd-43a8-a50e-1af8b0183d5c&KRTB&23355-ef64a777-f1cd-43a8-a50e-1af8b0183d5c
.c.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 2FE5B59149F96A8C1EB9A61348E56B5E
.justpremium.com/ Name: jpxumatched
Value: gg
.tappx.com/ Name: TXUSERID
Value: c2d1ed5a-b593-47b8-b198-d7ba5702d8fef1a
.contextweb.com/ Name: ccpa
Value: 1---
.mookie1.com/ Name: id
Value: 10599855045206035720
.mookie1.com/ Name: mdata
Value: 1|10599855045206035720|1693793844680
.mookie1.com/ Name: ov
Value: 34a900e47906552c1d1506447f28f8ef
.clientgear.com/ Name: mkuuid
Value: mka1c417f5f6be44b981c906350ba5cfaf
.undertone.com/ Name: UID_EXT_53
Value: 546B0175-D6AA-46B9-A0AD-C2A930BF5276
.tynt.com/ Name: uid
Value: 6O+bRWT1PjRb990MMKt2dQ==
.company-target.com/ Name: tuuid_lu
Value: 1693793844|ix:0
.company-target.com/ Name: tuuid
Value: 0a80450f-9a45-46a8-b0ba-1e6a38dde008
.googleadservices.com/ Name: ar_debug
Value: 1
.bfmio.com/ Name: __187_cid
Value: 546B0175-D6AA-46B9-A0AD-C2A930BF5276
.creative-serving.com/ Name: tuuid
Value: e809844b-aeaa-4e32-a1cb-4bc5246812a0
.creative-serving.com/ Name: c
Value: 1693793844
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_4180617bbf17460393dff
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-eG5vbn0_OmtjaT9iKGIkOnxia2JjPGw6fz5nywKv&KRTB&19420-eG5vbn0_OmtjaT9iKGIkOnxia2JjPGw6fz5nywKv&KRTB&22979-eG5vbn0_OmtjaT9iKGIkOnxia2JjPGw6fz5nywKv&KRTB&23403-eG5vbn0_OmtjaT9iKGIkOnxia2JjPGw6fz5nywKv
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzKzNDEyNDMwNTIzEeIz1C0xLEortMwK880JqgAAAmtnySQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzKzNDEyNDMwNTIzEeIz1C0xLEortMwK880JqgAAAmtnySQAAAA
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_3003c761-4ac9-11ee-ba9f-12fa6b58ae11
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4011881537103642354&KRTB&23339-4011881537103642354
.adgrx.com/ Name: ADGRX_UID
Value: 30046c42-4ac9-11ee-ba0a-6250e198ad71
.adkernel.com/ Name: SSPZ
Value: 200784
.adkernel.com/ Name: DSP2F_63
Value: 546302
.adkernel.com/ Name: DSP2F_40
Value: 631495
.adkernel.com/ Name: ADKUID
Value: A8961146309600924623
.adx.opera.com/ Name: UID
Value: OPU7a960d576c444aa68d904f18f36ecd5a
.w55c.net/ Name: wfivefivec
Value: 3SV3kkOj1QCZ9y5
ads.avct.cloud/ Name: uuid
Value: 4a128e3b-88fd-4575-854f-3b7c5c958939
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ3y8H-Z5fQoBJ1OG8nA4nQ3PIkOIQUZucPPH0IJMnGKq5IxWIWr2TH1ea5QC4TM1
.smilewanted.com/ Name: sw_user_params_infos
Value: 8sdRREvsw7LjLys0YvGw8zcpXOPP9Vh1Mq7gAGi2HqrC4DFwO0QSb4ghkQ26wT5J4VzUYoWUzNtscs3VHAedrAXTlCrENRdWhjYxmJ2OPMhi0ft4PJMvFCug5PZLZweeTMEMvHASWqwcV6z%2FIVuC5Q%3D%3D
.creative-serving.com/ Name: tuuid_lu
Value: 1693793845
.mxptint.net/ Name: mxpim
Value: R33645_10874B36B_F6275555.1.000000000000000064F53E35
.tappx.com/ Name: TXCSDMN_50
Value: 3547929380008100760
.tappx.com/ Name: TXCSDMN_32
Value: 4011881537103642354
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-30046c42-4ac9-11ee-ba0a-6250e198ad71&KRTB&23275-30046c42-4ac9-11ee-ba0a-6250e198ad71
.tappx.com/ Name: TXCSDMN_28
Value: 3934349205523529802736
.postrelease.com/ Name: visitor
Value: 3411b08f-c53d-4f81-a57c-759cc8a2dbdb
.postrelease.com/ Name: status
Value: 1
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
a.clickcertain.com/ Name: _ccpx_u
Value: 5ba5167a%2da1f7%2d4992%2da28e%2df709ca5f9046
.w55c.net/ Name: matchcasale
Value: 5
.tappx.com/ Name: TXCSDMN_80
Value: 5006350c-a261-44d7-84dd-dbea8f08b6e4
.thrtle.com/ Name: mc
Value: eyJpZCI6IjE1YzU1YzkyLWZiMjYtNDlhYi05YzFkLTY2ZjA5Njg1MDQ0ZCIsImwiOjE2OTM3OTM4NDUxMTYsInQiOjF9
pool.admedo.com/ Name: tuuid
Value: 2940fdbe-e48c-4339-a0ac-04f2fd9d5fc9
pool.admedo.com/ Name: c
Value: 1693793845
pool.admedo.com/ Name: tuuid_lu
Value: 1693793845
.richaudience.com/ Name: pdid
Value: 77b813dd-875f-4c75-8e07-1zz1693793603
.tappx.com/ Name: TXCSDMN_253
Value: d28fcfe5-3705-4821-8ffc-49f439ce1b44
.tappx.com/ Name: TXCSDMN_45
Value: 1869577055167662355
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33645_10874B36B_F6275555&KRTB&23092-R33645_10874B36B_F6275555
.tappx.com/ Name: TXCSDMN_1135
Value: OPU7a960d576c444aa68d904f18f36ecd5a
.tappx.com/ Name: TXCSDMN_13
Value: HQzJeBZHuGCrpGR8Q52pzqdh
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e8def573-4079-4fed-a230-54596150311f
.smartadserver.com/ Name: csync
Value: 147:5006350c-a261-44d7-84dd-dbea8f08b6e4
.quantumdex.io/ Name: uid
Value: 0341107e-b5e8-498e-8e49-12e4a466cfbf
.richaudience.com/ Name: cmpsync
Value: 1
.a-mx.com/ Name: amuid2
Value: e04b39a0-b6a4-433d-b5c7-aeb7ac81aed7
.tappx.com/ Name: TXCSDMN_724
Value: b0231eb4-a9f2-53f7-952d-4f68f1d87159
.c.appier.net/ Name: _auid
Value: s7nypE8-D5-hKIUNNT71ZA
.tappx.com/ Name: TXCSDMN_58
Value: 212259677762089
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiZTA0YjM5YTAtYjZhNC00MzNkLWI1YzctYWViN2FjODFhZWQ3IiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMDI6MTc6MjUuMzc1MDQ5MTEzWiJ9fX0=
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220230904%22%2C%22142%22%3A%2220230904%22%7D
.smaato.net/ Name: SCMp
Value: 818970230e
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.spotim.market/ Name: vmuid
Value: 257707a9de85b7d4
.spotim.market/ Name: a644680
Value: 3934349205523529802736
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1mnx|4is.0.CAESEAxQmIhGF8zzjaf4HKYK258|7dW.0.1|2N.0.AAACqLm9CWEgwgMARrNJAAAAAAA|8nK.0.1|7bq.0.1|7dN.0.AAEzzU7J6nwAACbk4ScR2w|8i8.0.1|8o4.0.1
.360yield.com/ Name: umeh
Value: !79,0,1756001845,-1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.spotim.market/ Name: a482928
Value: c5340d26-f955-037b-24c2-a96fc1e0ed0d
.tappx.com/ Name: TXCSDMN_728
Value: s7nypE8-D5-hKIUNNT71ZA
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.a.usbrowserspeed.com/ Name: tuid
Value: 6df96d36-59c6-4c81-aaef-9ae4cf972eb5
.adnxs.com/ Name: anj
Value: dTM7k!M40<Erk#WF']wIg2In<f6.!=!]tbP6j2F-.o%/6/guKFUZ.=2<[uBnY7M6JAjcgYQ9Z(]HRadBaWgppT)PRFOojK-QVlSV8CJ2[<QHImI.FB-I2BL>+SmW8A?n)IVQr)8+Ll8a*rzB7d/Q1*@'s>TK_h7h
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiZTA0YjM5YTAtYjZhNC00MzNkLWI1YzctYWViN2FjODFhZWQ3IiwiZXhwaXJlcyI6IjIwMjMtMTItMDNUMDI6MTc6MjVaIn0sInRyaXBsZWxpZnRfbmF0aXZlIjp7InVpZCI6IjM5MzQzNDkyMDU1MjM1Mjk4MDI3MzYiLCJleHBpcmVzIjoiMjAyMy0xMi0wM1QwMjoxNzoyNVoifX0sImJpcnRoZGF5IjoiMjAyMy0wOS0wNFQwMjoxNzoyNVoifQ==
.richaudience.com/ Name: avcid-opx-uid
Value: 1e47cb03-18f4-07e4-1473-e4416dfc4cca
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEzzU7J6nwAACbk4ScR2w
.media6degrees.com/ Name: clid
Value: 2s0fvp101170kfrvsng9khw0000000016u011001901
.media6degrees.com/ Name: acs
Value: 012020k1s0fvp1xzt10
.richaudience.com/ Name: avcid-ttd-uid
Value: 7928e066-76a9-463e-af89-7ce88bea635d
.clickagy.com/ Name: cb
Value: ZPU-NcFaWZMhnQFsPQK1N_1u
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2023-09-04 02:17:25"}]
.adtelligent.com/ Name: vmuid
Value: 48bf29b70ce2d3f4
.adtelligent.com/ Name: a307682
Value: 0341107e-b5e8-498e-8e49-12e4a466cfbf
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553&KRTB&23418-9709dbeb-411f-4392-b1bb-00afbb473d81-64f53e31-5553
.richaudience.com/ Name: avcid-sma-uid
Value: 1869577055167662355
.richaudience.com/ Name: avcid-inx-uid
Value: ZPU-MAL8NXL8cEAE_8TFkQAAA6oAAAIB
.richaudience.com/ Name: avcid-bsx-uid
Value: AAEzzU7J6nwAACbk4ScR2w
.taboola.com/ Name: t_gid
Value: d32fa22b-0d5e-4f29-9a14-567781a29849-tuctbeec3b5
.tappx.com/ Name: TXCSDMN_52
Value: LM494BTJ-1P-8OPA
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3547929380008100760&KRTB&23263-3547929380008100760&KRTB&23481-3547929380008100760
.360yield.com/ Name: um
Value: !79,EC4h.srF8hiCqaQA4vG9RK9Y0F4khS8UbZV0tqgwDolRHJqfW3BnESl2cbCcyd1P9qgNkyFmHY4s4n2d,1701569845
.lijit.com/ Name: _ljtrtb_85
Value: AAEzzU7J6nwAACbk4ScR2w
.marketiq.com/ Name: ADK_EX_685
Value: 1
.marketiq.com/ Name: ADKUID
Value: A8961146309600924623
.lijit.com/ Name: ljtrtb
Value: eJwVzMsOgjAUBNB%2F6dpFX7e3ddfQEoK6EAKiSwlCIhAjGgzGf7ds58zMl3CyJRGlaGJgVmEkwaD24GJET8F56ZwiGyJN6C3tCLUtns3UNyEz61ZSxrRmIJBRoSQXIANpCGStX5YCUzXO1kbXu8zrjM%2FrmQhauduQlP0wfbrksD9nzr1fedmi7OLk0pTpidePY%2BV35PcHGxAr0Q%3D%3D
.openx.net/ Name: pd
Value: v2|1693793841.2.2.1|vPvMgakWgy.iKbwuYhEgKg2.wvmmvJeSwrf8.g6fYn8wDwtmKvuoqvRwi
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.bluekai.com/ Name: bkdc
Value: phx
.agkn.com/ Name: ab
Value: 0001%3AaX61IIJ50SHd7I121t0WgCEfo9ciKSL1
.w55c.net/ Name: matchopenx
Value: 5
.tappx.com/ Name: TXCD
Value: 1693793847
.go.sonobi.com/ Name: __uir_i5td
Value: 91306907335418662
.go.sonobi.com/ Name: __uin_i5td
Value: 7928e066-76a9-463e-af89-7ce88bea635d
.go.sonobi.com/ Name: HAPLB8G
Value: s86192|ZPU+O
.adkernel.com/ Name: DSP2F_61
Value: 634266
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlsbmlsYWJuamyyC5lvaGSwigXBN7E0MQUAActRpjAAAAA
.rlcdn.com/ Name: rlas3
Value: b1MGTeYuESqTMgLjtCklmf3YA9E9zv/RcCt7Xa9/Qww=
.rlcdn.com/ Name: pxrc
Value: CLH81KcGEgUI6AcQABIFCOhHEAASBgi66gEQAxIGCMLqARAGEgYIuOsBEAM=
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-968907269421605264
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-6wZ77XdxVwJpBPGiE6JmkSaEdkw&KRTB&23334-6wZ77XdxVwJpBPGiE6JmkSaEdkw&KRTB&23417-6wZ77XdxVwJpBPGiE6JmkSaEdkw&KRTB&23426-6wZ77XdxVwJpBPGiE6JmkSaEdkw
.tribalfusion.com/ Name: ANON_ID
Value: a2nvvvP3rT7CiAyPqDM6FeLusikZcUossnFZbJL6tGZbFZdcYJVO7UPdPSsTW7MidAuFs5W0cfHgrrXUQ9NZamG2KtpOUVNyGZdjxcYOQajiwbYjAtQaZcv
.rubiconproject.com/ Name: audit
Value: 1|i7WLabMcVxJ+8DFyTpfhdKS5Bv7H1ouoxdnNVF8ci14pFQkGbpMNqHg4p0/XeChSIF8eIGNzHYLhj2poL1WT8mjYHTlS9mMvXPPiDSkqe4G3EQAtKAzdJEiL/Q+AxqkR
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI7s7cpOO9ljwQBRIXCghwdWJtYXRpYxILCLyZ2KjjvZY8EAUSFAoFdGFwYWQSCwiisdO9472WPBAFEhIKA2FhbRILCIrTrOKpi4s8EAUSFgoHc3Z4OXQ1MBILCKKC7sLjvZY8EAUSGAoJYmlkc3dpdGNoEgsI6Mq_y-O9ljwQBRgBIAEoAjILCMCIzI76vZY8EAU4AVoIbGl2ZXJhbXBgAg..
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU7a960d576c444aa68d904f18f36ecd5a&KRTB&23485-OPU7a960d576c444aa68d904f18f36ecd5a
.tappx.com/ Name: TXCSDMN_108
Value: 77b813dd-875f-4c75-8e07-1zz1693793603
.tappx.com/ Name: TXCSDMN_76
Value: 546B0175-D6AA-46B9-A0AD-C2A930BF5276
.betweendigital.com/ Name: ut
Value: ZPU-NwAKnsA3QYTtpUcoN23z0cxqji77iNLIiQ==
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:3SV3kkOj1QCZ9y5&KRTB&23421-uid:3SV3kkOj1QCZ9y5
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-38aa4246-e467-4cc5-9f7c-952976286688&KRTB&23340-38aa4246-e467-4cc5-9f7c-952976286688&KRTB&23498-38aa4246-e467-4cc5-9f7c-952976286688
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-546B0175-D6AA-46B9-A0AD-C2A930BF5276&KRTB&23413-546B0175-D6AA-46B9-A0AD-C2A930BF5276&KRTB&23479-546B0175-D6AA-46B9-A0AD-C2A930BF5276&KRTB&23505-546B0175-D6AA-46B9-A0AD-C2A930BF5276
.dotomi.com/ Name: DotomiTest
Value: 23a1aa33e7ec0706
.mfadsrvr.com/ Name: ssh
Value: !triplelift,1693793847!minutemedia,1693793842
.quantserve.com/ Name: d
Value: EK0BIwHvKfijCJiTCuu4EJ9AjcrRAA
.pubmatic.com/ Name: SyncRTB3
Value: 1695081600%3A35%7C1696377600%3A224%7C1694649600%3A63%7C1694995200%3A96_238_3_176_5_48_166_104_220_264_56_99_243_8_231_233_55_22_250_239_178_81_46_54_204_249_21_165_240_214_234_71_13%7C1698969600%3A69%7C1694390400%3A2_223_38_15
.w55c.net/ Name: matchtriplelift
Value: 5
beacon.lynx.cognitivlabs.com/ Name: ss
Value: lwMHa5cK3TvPacgQZiwlhcZdkdm8dE2wjoDlyontIRlvVfJk3IuTsXteD1P3yH%2FBXt2NCi170ueADtqw0WUgpw%3D%3D
.tappx.com/ Name: TXCSDMN_162
Value: RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
.ctnsnet.com/ Name: cid_b79657261c214518a2ca3e61adc9be89
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3ATfvJ5M5IC_HM96tALJsoUH7pQdcU9stN.YAGJYNpSWCSf0Opahm7IT53imN%2BiSYQj7%2Fo4tbs%2FxG0
.acuityplatform.com/ Name: auid
Value: 822873238760
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRRc/MFWgmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUXPzBVoI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5Mzc5Mzg0NTYxNywiMjQiOjE2OTM3OTM4NDE2MTQsIjI2IjoxNjkzNzkzODQ1NTMyLCIzOSI6MTY5Mzc5Mzg0MTYxNCwiNyI6MTY5Mzc5Mzg0MTYxNCwiODAiOjE2OTM3OTM4NDQ0OTcsIjgxIjoxNjkzNzkzODQ1Mzc5LCI2NCI6MTY5Mzc5Mzg0ODAzNX0
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-822873238760&KRTB&23428-822873238760
io.narrative.io/ Name: io.narrative.guid.v2
Value: 31dc30e0-4ac9-11ee-b039-16c962239a11
.id5-sync.com/ Name: id5
Value: d57e32c0-edb1-7d38-9afc-70222db91bce#1693793841403#5
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7470802481858437332P
.owneriq.net/ Name: pmc
Value: 1
.inmobi.com/ Name: idsp_c
Value: b70f714c-1bc3-4302-a8ca-81ae5d5dae7b
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 18
.pubmatic.com/ Name: DPSync3
Value: 1694995200%3A256_201_263_228_262_258_236_235_259_245_261_260_226_219%7C1694390400%3A253_265_252%7C1694822400%3A257%7C1693872000%3A248_255
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1693815448120
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-s7nypE8-D5-hKIUNNT71ZA
.seedtag.com/ Name: st_cs
Value: MojYJKmHImkGlPWwv/kQr9Vg+WGhOo0iRQxWRQLy7YPW9GEaA/ukzdz47bAPkl6+NLc54kd8AL81Nhtkf3HsiqeUEDz2Kh+ZMA0FskSrN1EcfBO+XZYvo7eOq+FAtR0Jt8O7xU+P65GzbT/hQJKta+i5qQFFsg0UkxfnD5UioCu8O4Escj1kdBT06Yw2kHi/+iJjE+F+wGlXunIMUMMmBhTO1ObYrZIU+lyil4c6YMnC88DPhEQqiu8UizXOyzg6IN3gMhiGGRSwRzWmLgQEOjVLBtk0yDysoVdqzV5TwRHnWot46RFm1EWsbsWFhBM43Vr+4jevAeGMz5fT9jGy+H3EfJe+oxsQOT1HyJov4ZgVcuOp6zJB9Kn2qA7kLnCOgFBR4pjbfGIRYaAnp1Qk0nYOqCerjRcPmVt1ngP3l/PutTx8KVcPmAUD/xdJSNYSrPweCQDJoRqoehA8zrwV4L1JDitCPOJTajUhh4wv08+wgY7ap+dCX2bLL+b6n38ajec0ZAN4KFg7gSWiEb3R8AZ/YMmMnlxzLg9eYBRG82ZLUg3XS3raDnyFlM+eArNkTH4fIYBi/ARXEjWZLPEKs9ODwIN0LonInBAj9J7FzsNFrtRdeOJFIlsvxvd00VQkOuRhbEqXM/8Axh1V4UWFjqWB4kAVgsAN4E+2r4O4xobuFJFfPp+Ch6r3sQCMtGDSB0DjQ2HT/hRyhD7gOQxr+JmqPba7BdFJdTrvVWU3LhB5mEz3L2+vt28H4CWwd290BBy6F2996yTIp76c11JSvknykW75/Xrw/w77RSz++eLFA2F+W20rSvIGZgq8o11JOfW+eNiFmKJWWtlN4ue5Pt2cPUGHcCDes888DiwPtQ/KUNbc+Xdg3NpT5vairnKl6X+CyRG8TmjeJBIfucIdCuGWwvrtf0g1oLsW1zYD0Kk=
.seedtag.com/ Name: st_csd
Value: 1693793848163:1693793848163
.lijit.com/ Name: _ljtrtb_58
Value: 546B0175-D6AA-46B9-A0AD-C2A930BF5276
.adsby.bidtheatre.com/ Name: __kuid
Value: 0233db94-73f6-4b7d-96d6-70bb25b59c43.463007848
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005&KRTB&17107-RX-3559f5de-4611-4ec6-ac6c-cf2f5ef1bc6c-005
.pubmatic.com/ Name: PugT
Value: 1693793848
.audrte.com/ Name: arcki2
Value: 1i5UfFNI3SdQaSPX-DS-ZSwig!20220908!1693793848318!ip#38.132.118.76
.audrte.com/ Name: arcki2_pubmatic
Value: 546B0175-D6AA-46B9-A0AD-C2A930BF5276!20220908!1693793848322
.id5-sync.com/ Name: 3pi
Value: 2#1693793843125#2019845294#4011881537103642354|3#1693793842327#1014062894#789c64f5-3e31-4100-b68c-6bef558fd551|264#1693793847122#-122027173#7928e066-76a9-463e-af89-7ce88bea635d|203#1693793847322#551527831#6b3993bb-7262-427d-8897-2ad913a7b869|108#1693793846438#956260618|429#1693793845855#-743445693#546B0175-D6AA-46B9-A0AD-C2A930BF5276|434#1693793843983#1380961921|502#1693793847122#1821902838|441#1693793846252#1761113494#u_5acc3aaa-1709-48bc-996d-7993392c2d49|1242#1693793848320#706182271|155#1693793845300#1199511427#AAEzzU7J6nwAACbk4ScR2w|124#1693793846038#546210666|796#1693793846711#-2110787348|1246#1693793844645#706182271
.audrte.com/ Name: arcki2_ddp2
Value: 1i5UfFNI3SdQaSPX-DS-ZSwig!20220908!1693793848469
.onaudience.com/ Name: cookie
Value: e979fbba7253bef3
.onaudience.com/ Name: done_redirects104
Value: 1
.audrte.com/ Name: arcki2_adform
Value: 3547929380008100760!20220908!1693793848597
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2dq2:1969~2dq2:175w~2dq2:18z8~2dq2:18za~2dq2:192z~2dq2:190u~2dq2:196y~2dq2:1929~2dq2"
.onaudience.com/ Name: done_redirects109
Value: 1
.spotim.market/ Name: a448580
Value: 546B0175-D6AA-46B9-A0AD-C2A930BF5276
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22e3358483bc%22%2C%22f%22%3A1%2C%22ts%22%3A1693793848818%7D%2C%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1693793844913%7D%2C%7B%22p%22%3A%22632381c622%22%2C%22f%22%3A1%2C%22ts%22%3A1693793848818%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1693793844913%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1693793846656%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1693793844913%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1693793846656%7D%2C%7B%22p%22%3A%22a3ec099f1a%22%2C%22f%22%3A1%2C%22ts%22%3A1693793848818%7D%2C%7B%22p%22%3A%22b09a7ad68f%22%2C%22f%22%3A1%2C%22ts%22%3A1693793848818%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1693793846656%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1693793846656%7D%2C%7B%22p%22%3A%220f90caf3cf%22%2C%22f%22%3A1%2C%22ts%22%3A1693793848818%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1693793844913%7D%2C%7B%22p%22%3A%2295c591d034%22%2C%22f%22%3A1%2C%22ts%22%3A1693793848818%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1693793844913%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1693793846656%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1693793844913%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1693793846656%7D%5D
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsibWVkaWFuZXQiOnsidWlkIjoiMzM2Nzk1NDQxMTUyNDQ3NzAwMFYxMCIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjE3OjIyLjg4Mzk2Njg0WiJ9LCJndW1ndW0iOnsidWlkIjoidV81YWNjM2FhYS0xNzA5LTQ4YmMtOTk2ZC03OTkzMzkyYzJkNDkiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwMjoxNzoyNS40ODg1NzE4NThaIn0sIjMzYWNyb3NzIjp7InVpZCI6IjIxMjI1OTY3Nzc2MjA4OSIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjE3OjI4Ljk1ODQ0MDQxOFoifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIzOTM0MzQ5MjA1NTIzNTI5ODAyNzM2IiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMDI6MTc6MjUuNzczMTc2MDg3WiJ9LCJydWJpY29uIjp7InVpZCI6IkxNNDk0QlRKLTFQLThPUEEiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwMjoxNzoyMC44OTE5MjYwMDRaIn0sInRhcHB4Ijp7InVpZCI6ImMyZDFlZDVhLWI1OTMtNDdiOC1iMTk4LWQ3YmE1NzAyZDhmZWYxYSIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjE3OjI3LjM4NDAzNzE1NVoifSwieWFob29BZHZlcnRpc2luZyI6eyJ1aWQiOiJ5LUxidXI0ajFFMnVFbTAwc01JZ3NjU0hvd2laakxEeDFKfkEiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwMjoxNzoyOC42ODg1OTcxODlaIn0sIm9wZW54Ijp7InVpZCI6ImM1MzQwZDI2LWY5NTUtMDM3Yi0yNGMyLWE5NmZjMWUwZWQwZCIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjE3OjIzLjg1NzkzODg5NloifSwiaXgiOnsidWlkIjoiWlBVLk1BTDhOWEw4Y0VBRS04VEZrUUFBJjkzOCIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjE3OjIwLjg5NjQxMDA2M1oifSwic21hYXRvIjp7InVpZCI6IjgxODk3MDIzMGUiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwMjoxNzoyOC41NjgzMDk4MTlaIn19fQ==
.pxl.iqm.com/ Name: ttacross
Value: MTY5NTAwMzQ0OTAwNA==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 4333c3a9-09d8-4906-a740-6f06cc0edf20
.pubmatic.com/ Name: SPugT
Value: 1693793850
.tappx.com/ Name: TXCSDMN_1111
Value: A8961146309600924623

99 Console Messages

Source Level URL
Text
network error URL: https://d3ezl4ajpp2zy8.cloudfront.net/shefindsmedia-lifestyle_tag.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
javascript error URL: https://www.shefinds.com/
Message:
Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2F&v=3' from origin 'https://www.shefinds.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2F&v=3
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&halo_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoj021oew0sgmo0myimek0mgy4y
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/t_match?tdid=7928e066-76a9-463e-af89-7ce88bea635d&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001693793841-FI5KD5ET-NTNO
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&google_gid=CAESELLoPY9fw-eN3etguzwUmVc&google_cver=1&google_ula=450542624,0
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&adnxs_id=4011881537103642354&gdpr=0
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/pbm_match?pbm=546B0175-D6AA-46B9-A0AD-C2A930BF5276&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&rub=LM494BTJ-1P-8OPA&gdpr=0
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/amo_match?turn_id=8528246354618352674&id=AU1D-0100-001693793841-FI5KD5ET-NTNO
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&tapad_id=8fd0fa3c-0c09-4649-a67d-5a9e4dc339ec
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693793841-FI5KD5ET-NTNO&uid=6275276a-1c31-4f7d-a3ea-7cf382941856&gdpr=0
Message:
Failed to load resource: the server responded with a status of 502 ()
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20546B0175-D6AA-46B9-A0AD-C2A930BF5276&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21144,21967,32638,32745,33093,33097,33495,33515,34895,35238,38317,38334
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://d3r7h55ola878c.cloudfront.net/btn/1.0.2/btn.js?_=1693793842265
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.shefinds.com/
Message:
Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2F&v=3' from origin 'https://www.shefinds.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2F&v=3
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?source=249286
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://id5-sync.com/k/155.gif?puid=AAEzzU7J6nwAACbk4ScR2w&id5AccountNum=155&numCascadesAllowed=9
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ids.ad.gt/api/v1/index?cb=https%3A%2F%2Fssum-sec.casalemedia.com%2Fium%3Fsourceid%3D15%26uid%3D&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 502 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://events.release.narrativ.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssum-sec.casalemedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pandg.tapad.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssp.api.tappx.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://events.release.narrativ.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssum-sec.casalemedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pandg.tapad.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssp.api.tappx.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
network error URL: https://id5-sync.com/k/264.gif?puid=7928e066-76a9-463e-af89-7ce88bea635d&ttl=%%TTL%%
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11575&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D122%26us_privacy%3D%26xu%3D%7Bviewer_token%7D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11555&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co
892a18b972a906b9c75dc2757278ae8d.safeframe.googlesyndication.com
a.ad.gt
a.audrte.com
a.clickcertain.com
a.tribalfusion.com
a.usbrowserspeed.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.blogherads.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.shemedia.com
ads.stickyadstv.com
ads.yieldmo.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
analytics.google.com
aorta.clickagy.com
ap.lijit.com
api-2-0.spot.im
api.permutive.com
api.rlcdn.com
as-sec.casalemedia.com
assets.a-mo.net
async01.admantx.com
ats.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
bc.marfeelcache.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.adsafeprotected.com
cdn.boomtrain.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.keywee.co
cdn.parsely.com
cdn.permutive.com
cdn.prod.uidapi.com
cdn.rhombusads.com
cdn.undertone.com
cdnjs.cloudflare.com
ce.lijit.com
ced-ns.sascdn.com
clipcentric-a.akamaihd.net
cloud.typenetwork.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms.quantserve.com
collector.sheknows.com
connect.facebook.net
contextual.media.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
cs.admanmedia.com
cs.media.net
cs.minutemedia-prebid.com
cs.mobfox.com
cs.seedtag.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smartadserver.com
csync.smilewanted.com
cw.addthis.com
d.adroll.com
d.turn.com
d15kdpgjg3unno.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d3ezl4ajpp2zy8.cloudfront.net
d3r7h55ola878c.cloudfront.net
de.tynt.com
direct.adsrvr.org
dis.criteo.com
dis.eu.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
events-ssc.33across.com
events.release.narrativ.com
fastlane.rubiconproject.com
fastly-cloud.typenetwork.com
feed.pghub.io
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.undertone.com
hbx.media.net
hde.tynt.com
htlb.casalemedia.com
i.liadm.com
i.w55c.net
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.hadron.ad.gt
id.rlcdn.com
id.sv.rkdms.com
id5-sync.com
idpix.media6degrees.com
ids.ad.gt
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
intljs.rmtag.com
inv-nets.admixer.net
io.narrative.io
ipac.ctnsnet.com
jadserve.postrelease.com
js-sec.indexww.com
krk.kargo.com
lb.eu-1-id5-sync.com
lh6.googleusercontent.com
lightboxapi.azurewebsites.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
maxcdn.bootstrapcdn.com
mug.criteo.com
mweb.ck.inmobi.com
odr.mookie1.com
onetag-sys.com
onsite.boomtrain.net
ow.pubmatic.com
p.ad.gt
p.rfihub.com
pagead2.googlesyndication.com
pandg.tapad.com
people.api.boomtrain.com
pghub.io
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.keywee.co
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid-server.rubiconproject.com
prebid.a-mo.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
pxl.iqm.com
r.bidswitch.net
r.casalemedia.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.marketiq.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.c.appier.net
s.company-target.com
s.seedtag.com
s.spotim.market
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.insightexpressai.com
secure.quantserve.com
securepubads.g.doubleclick.net
server.cpmstar.com
shefinds.com
simage2.pubmatic.com
simage4.pubmatic.com
socialcanvas-api.kargo.com
socialcanvas-cdn.kargo.com
sqs.us-east-1.amazonaws.com
srv-2023-09-04-02.pixel.parsely.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.api.tappx.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.bam-x.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.adtelligent.com
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.spotim.market
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tagan.adlightning.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
tr.clipcentric.com
triplelift-match.dotomi.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um4.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
us01.z.antigena.com
usersync.gumgum.com
usr.undertone.com
vc.hotjar.io
visitor-usa02.omnitagjs.com
visitor.omnitagjs.com
widget.sellwild.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lightboxcdn.com
www.shefinds.com
www.storygize.net
x.bidswitch.net
z-na.amazon-adsystem.com
api.permutive.com
as-sec.casalemedia.com
csi.gstatic.com
csync.loopme.me
d3ezl4ajpp2zy8.cloudfront.net
dt.adsafeprotected.com
sync.adotmob.com
sync.colossusssp.com
sync.search.spotxchange.com
uipglob.semasio.net
104.104.103.253
104.127.172.242
104.18.111.252
104.18.38.76
104.19.150.54
104.36.115.113
107.178.254.65
107.23.63.94
107.23.73.10
108.138.106.124
108.138.107.138
108.138.128.28
108.138.128.63
108.139.47.108
13.225.214.43
13.225.214.84
13.35.93.23
13.35.93.71
131.153.148.3
141.226.224.48
141.94.171.215
141.95.33.111
142.251.163.148
147.28.146.89
151.101.129.91
151.101.193.91
151.101.194.207
151.101.194.217
151.101.2.49
151.101.65.108
162.19.138.82
162.248.18.10
162.248.18.32
162.248.18.37
162.55.236.224
172.104.64.149
172.105.235.90
172.253.122.156
172.253.63.154
172.64.148.101
172.64.149.180
172.67.10.198
173.231.178.83
174.137.133.32
174.137.133.49
178.250.7.11
18.164.101.60
18.164.107.227
18.164.116.73
18.164.131.14
18.164.96.46
18.164.96.50
18.164.96.54
18.164.96.6
18.165.26.102
18.165.9.13
18.173.219.40
18.235.85.213
184.73.5.153
184.86.146.172
185.167.164.37
185.184.10.30
185.184.8.90
188.166.17.21
192.132.33.46
192.40.36.238
195.244.31.10
195.5.165.20
198.148.27.131
199.127.204.142
199.232.197.131
199.250.161.129
199.38.167.131
20.40.202.0
20.85.134.6
2001:4860:4802:34::181
202.241.208.56
204.62.13.72
207.198.113.203
213.19.162.80
216.22.16.8
23.105.12.170
23.105.12.173
23.200.0.13
23.203.25.11
23.215.40.23
23.219.8.236
23.220.120.23
23.220.121.87
23.221.12.2
23.227.139.243
23.23.220.154
23.88.86.2
2600:1408:c400:1885::1ec4
2600:1408:c400:59::17d5:9e14
2600:1408:c400:8::17cd:680d
2600:1f13:800:7782:dd1:ab44:ba2a:c71f
2600:1f18:4e9:5a05:92c5:57a0:36d6:5a53
2600:1f18:61c0:2204:330d:d91c:ff43:9dc5
2600:1f18:765:4800:7681:18d0:4c60:ba77
2600:1f18:ed:550a:4bc9:ac6a:bf5b:3f86
2600:9000:210b:f200:1b:9b08:7f00:93a1
2600:9000:21dd:4e00:6:44e3:f8c0:93a1
2600:9000:2209:5400:1b:5138:8a40:93a1
2600:9000:2209:7200:e:ec66:e40:93a1
2600:9000:246c:d800:8:48e:53c0:93a1
2600:9000:246d:7a00:5:82fd:2500:21
2600:9000:246d:b000:11:b309:9100:21
2600:9000:246d:ee00:a:e047:753:6381
2600:9000:2511:ee00:1f:2473:9080:93a1
2600:9000:2514:3600:17:c484:6380:93a1
2600:9000:26fa:f400:13:6a46:aa00:93a1
2602:803:c002:300::98
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2604:9e00:1:129::2:a01
2606:4700:10::6816:2460
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:10::6816:4f8f
2606:4700:10::6816:545
2606:4700:10::ac43:246e
2606:4700:20::681a:832
2606:4700:3031::6815:29fd
2606:4700:4400::ac40:97ee
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:bcf
2606:4700::6813:9f13
2606:4700::6813:d383
2606:ae80:1471:1b::1690
2607:4f00:946::2
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c07::95
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::8a
2607:f8b0:4004:c08::8b
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c09::61
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::71
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c19::84
2607:f8b0:4004:c19::8b
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1b::6a
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.16.120.123
3.214.33.241
3.215.203.164
3.215.94.1
3.221.48.93
3.221.79.249
3.225.218.10
3.225.45.118
3.227.84.17
3.236.169.110
34.102.147.248
34.102.163.6
34.102.243.38
34.102.253.54
34.107.254.252
34.111.113.62
34.117.239.71
34.120.155.137
34.149.50.64
34.160.19.107
34.193.131.34
34.197.26.74
34.201.248.15
34.204.212.37
34.205.113.183
34.230.226.68
34.232.59.64
34.233.10.41
34.239.25.47
34.240.222.243
34.96.105.8
34.96.71.22
35.186.193.173
35.186.253.211
35.190.60.146
35.190.90.30
35.194.66.159
35.207.24.140
35.210.53.219
35.211.118.13
35.211.178.172
35.236.200.4
35.241.45.217
35.241.9.51
35.244.159.8
37.157.6.232
38.98.139.150
38.98.69.175
40.76.134.238
44.206.88.126
44.207.99.201
44.217.4.96
44.228.95.230
47.252.78.131
51.222.39.186
52.201.46.70
52.201.5.219
52.203.22.13
52.204.63.111
52.21.15.216
52.223.22.214
52.223.40.198
52.23.107.16
52.4.119.35
52.4.169.33
52.4.33.45
52.43.171.21
52.46.151.131
52.46.154.149
52.5.117.77
52.55.40.211
52.71.215.87
52.73.128.118
52.86.112.232
52.86.45.136
52.94.225.95
54.146.97.31
54.158.15.5
54.166.159.80
54.174.208.173
54.192.161.188
54.204.10.18
54.230.163.71
54.71.6.251
54.86.12.53
63.251.114.137
64.202.112.31
64.74.236.31
67.202.105.24
67.202.105.33
67.220.228.203
68.67.179.166
69.166.1.35
69.173.151.100
69.173.151.96
69.90.254.78
72.251.238.254
74.119.119.139
74.119.119.150
74.121.140.211
8.18.47.7
8.2.110.206
8.28.7.105
8.28.7.83
8.28.7.84
80.77.87.162
82.145.213.8
96.46.186.57
017e23cd30cf3318b71b12a335816c4a8b0c1e189e1496d014f579d9c0c158ce
019aae4c5f57fe5e607f6627d3405fa299599b24a2bdfad2bfe383eb3a547b58
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01dfcfe991ac2e4dffd53173f4668c3fb3df791900c35c633c06ed1f73f1ce44
037873e3bde7304011cab230abd95899bc51a3936e70d756bcd8bc8dfa72268d
041639ca2ca4c1ac138d86d2beeed135b2bc0e0024240c313dfa17cebaf3815c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0622a6091ea7ba42d0c58b9c704410c1eab10052e8c818e2e62a6cedeb00fe67
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cb254f45f6bbe566d606cb45e0d8e1b6fa09dd2d9683a4e4bb4fda973fb91a
07441c0650539d317a2b7f53c93d1ae9103478b35e9184f1a12a318d9f69361a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0912420957e1349dea4b9d6467adc71c30de0c1f9b2e09d84003b3eae03971f9
0919010befa0b531da092173532edec8241e5facac1fe25ae626fc2bf2bfa372
0a2c97c9c66867b38ceb5b388b82a9cedad85cc5c69902e39fcd252920f17581
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0bc226502ad17965f57283cace7265a669be5cad17a486638237cc306bcc4df8
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d43cf6ee2a94f6120efed2bff5fd431452117ac4fde83201e9916b406266ae7
0d91e8b78f9d50f6dca25fdc4ef9d7cb2a5e0c102ad56ede94e74294de384682
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870
0df0c4ef7a90513c1de5be1efb1d1a23f42dca9e9491fd9944f6f92710634976
0e0ce38f564b89baf2c8279a8bfcc861d3e1ee2558d63867c096072aafd4f6a5
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b
1246031db44c592308d471d3a30a42b9a949f7890d70730027ec844d8854c4d7
1364d43be2c234b3d47b6ecd9841d4ff6a4fec384cad821b51c27c7c559cf566
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
15956c0a2d4731c70792f145ac91f4e53c8012f06f67ab0bfce1cc1cbd842f6f
16453d1eb8a63332323217cae56bb238a2845b08e4ded3caee22de5570e53cce
16c36663f97514a647d59389aac6d982fef302ff56d4d1ea9df1bda9440909f1
172e82fb9c69d0838aff5ecc6ccf73b4dd42372045993942b56a6e2885144377
1800ac1ca3a7f0961bbbedbbdd49055fdc44aaa02e8f280257874c91745e7d66
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b0c18659c885963e4f6615a60e438ff27a296aa3134156ffe782d44d38d2253
1c46829c0fdbb5a474b233d1b95b4058205430a12b8b5479ec947ce0aa42f3dd
1c813f41d56ed01031d68f8c525674de0f575c0c260905b922aee2715f225116
1cfd377a43ad961ed4d4d605e0e660d5062aced99a2d1d869020ae158502b8cd
1d44a787447f80b8126054428bbbb849a8197c6b38815ceb5c6ff3c354434dd5
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1e5ada85311794e56eaaa31718cef387f575ecc1cbb855ea721fef82b4624a65
1e9566328ed695496ddcfab7d78dffb01b62ec2e7fe0b2f09d95e8301ce698a1
1f4bc16f8f64c06ea93f8385b1c521c2f5d776749dc5e142f6c53b1d1a78535e
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
216cc48cb3d89f1595a155e98553a666247286de5ada97e7c41abd0c9365abb9
21bc65f86e0cd8dfbe47d505c85430a1356b7285e09f10a5fe1eff893dd27314
22798a3b8634170635f6cdaf547679b85ada677ff4f1aca1aca8bb1d0ff780c2
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a
26fead6d02f439d69fe920268e7ece8f64a2be8d2b3fb63b918ed113ff45f53f
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
291093e0a6fb10eed36fa3d930b918718d48f48aa7d94127a0804bf3982069e7
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
2c1640e3e54c335f18e92d56af8ea22052c5d3317670807c87bfd584fdff9808
2cd6734d1b711e88870ae312c46cd370f548a188eeceed18e64e0aa395a86871
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e00b4f33ea4732cd0544a947768442d96c23d6cad0d20b26a0c3d7c7359d845
2e7df51881edd22359b6e09b60d052c2216ce4e44b62889b49eff28f84004176
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f73d3456c09f91208671934c797088c1fa9ac2bbfcdd793408714dcd29ee44d
30be9e5b31be3e8d8511202f60a2f6114125e1e1f5df605f06ddb2c0f2ede699
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
31589236a2280c05ce492d743cfbfe02687704f2f8419f1a54f850733f1c1d43
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
323e3ae0e8c8ea495ddda1de99eecfd486bf3ed5cf6daf912e2dbe3e64be6e57
330e25c0558ee1f21b86897d71f3f38a45eb47cc3ca3e71e4117f55367cdde5f
33137246c4635a064eea5ac65eaa8127d515684868ebafaa8aa6061564d6dd1a
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
338b5c4c1b11fe592414842a27604a9f395a0dd5a11e355df715aa63fc39a6c6
343a6c2bc4231fcde5a83ef906379d2317391d648ac2c9cfe441bc8bfc7c9bed
343bb230819cb92e0ecacf1196f49eb120912089d2d1693ea62f1ced40b8f6ad
34781a83f4c9966ba06d7bb47e5fc57fe8e7dc68767171a4b509e0a5e7864669
362afdb7f49f842619ac1de7bb636ea64897c88c304fa81931b6f40e4b963494
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37597749138fa42a69781979c9c7e2775b1b214f6be63ba2b970c7381cceb6ab
377e9d224c6589e935c30e4452bbf7b6fb63dcb3f6ef11b6aeaa60a13880be08
379ccdbeb5b59ace2ae2cf3a95c68fe8c4e1ea939a58734d2b5e08bd04ecec3e
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
38b41faed58291eb888f22d8ce2d1a6b58bd52fe72c13c8ffa444d10a632da3b
3909e7928f53c8d05698c8088d9c8a99fc7e663288698828ff7d47d827335fb8
39234ab5c96830187377fab2529fffc4b2d9d81c94193f5359dd8b8cea2f92f5
395927eda8e152ba4518536930ad88d5472fdccd9323093f3998a968810d0ce7
3a62eb29c9d1820c3cc7d3710fa753e3544f87337f11bce180c573a5d73eb709
3a64691c38bad77baf9e509002e69ee162c4e7d8dde700400578967cc9231982
3aa2c009711c2e611ac48a34fc42b5b5019d3237c2406edde73d219f19b9c445
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3afa29609b287f240f3f088c61fca96d33d832fafac704937026907d364fa42b
3b3660ad66d99dcff9a626891996aec896c54096d9f832e0878f668c4bd8652d
3bfc733aad4edd0f1eab235dac99bf8d8b4edb54465d830ae8f94b0b4c0e6569
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4b92c625d504bbb58351b21b455c730169ce7d710635c504a3f2f2498230b0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403c3e8e5b63d1cbf22fae35b73034d596e00ba44ef04183dd11848bf400905c
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d
42d3eb7d373afb36dd72a7e4aefba98de82fc8706fccc34f42810c2c0760ea2b
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441dde5d96e5a37321d12aa21210935637f2203b34bbf6e67cf1646bf7154d91
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49727c6d1651bc546bce0a8edc49bf60906b7154d1f766657aa6a9fc9f2164c0
4a26d2993e207085e1665f8c40a8081fdc93a7e250fdbdf008dac5e86e567257
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4a8cafc6e7996f3238078c513d852564d8e07759ecb594726e9b556e2eaa882d
4a8cce7bd28f740b0ec159c5c8f5ccfa25cec1350e0791ce5af5f364208952ed
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4c6af410bfcd72db7d0afbc9dc5b37dc6f44118f164453dc7c9b553bdfd1132f
4c98884c2ffa1e05766474e52c250a0af9e63e92e2811c8cececef91b2b038fb
4d15403cb1add839b53b85cac2f696f3f2f4c5e71716fa1ac3fd4c7c8f19dd6c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec5073d967f504b4516485024e032aba6da70ceb6319b556ed854d0d8095dec
4ecec47e9085209334bb389ec734b521931a6d668563b19f91510cacfb01cd99
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
530fdb04fba9d9ae16315c51c1f87482f690392c5b971b03465f7302bccf51e2
53603111043eb286e63049466c4076ec0e97db73e9c8895accb8cb801a3658dc
538ee627800738d499a82851793a576403661b6959b865cacfe2be2c7d1f7ceb
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557c7242da6967c57875ea939198caaa3bc37cfee87a9652ecb57a4152e7654b
55cf937d853c81c76530517d51f43d473429c9b6fdc5b167cb0e0d978ab519a3
561225210e63c49c17f08dc4050d77422d0d41b1bbe119132214d3a2ae644731
563c2828b96e60d471d369d0f12dabe89e209931b7f1486dec16ab7a19c87930
5657ab9658059b2a3bded3c90eadb90ccf67bb4ce09965cd45114d6301a76543
5b9cb3a70f1e5baa6b5a0bb57c5e86b1765ce3b74a8308a768e054951ed621f9
5d6d6e361ea298783bf73674c04fc4031157940eec9e8033e784810dcd310327
5e917e91e761080350fd2a00d12b45519a36434ed4fd15624d17dbd5e94374a3
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
5f3a0799e9cd82c9eda11896c8f6908200e0803f110c3ab687183081904d367d
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
5fc4be89c520fa1ff537e90cd96b13dcca942a99f71c0c82fdaac28019dd9d11
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
617b56ef335b0df162839e835c45e260ee2b129984b49f4198e3826d59ff0075
626f53e80c5230442daf520875519d7ee61c71726705e60e124b9e3b12006bae
6272c92a7b737f583b957b66da0613f8d5a32b9a11c8e267f66b0d668b9174df
62e9db908f55d3b2fcb85b18200762e7257c6b62ddee7d317fe5f4f0e80e1b8c
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
637d253670396e8966c62d920d4a132977cd8489bd8d3e5d40caa5ecc0cb74f6
64348713a5cbbbb38447fa1ad62017595c6f63af8e23921ab5d60d51fd776fd2
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
68d3b398ff73de089a841115251275f354fabe24d9c9750dbd7fb5e2995a5da0
6969bdf88a5cce710189e26a5b582a593cbfc5d6c5c0c4d1c29bc70566837677
696b7b641d993b2664d20d1fc0a7d81e1dfe55db60535b8b946159e3e7aadb28
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019
6dacad7a02574323e64231bdb477b99dbac3bfafe28be370fb3d2e9fb2650b9c
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b
70548009be0dcf9324b1f1e3b128f50a22f1a27988968e69fcf10e44d0d2a0b6
70e05872774adbde4975fd25997fa6b82148efeec66b64c16e266f616f529233
71a3413564e3b7f97e48ee246da8d44f772d1e65db33310b7db628f90b1a43bb
73f9ef3e9080ff8604eb6ea5c772fb0e0a852870c26237ec820fba97fe222a6b
75923de2a993785ccab38a3f2766e0ef00649c91bce9c3373ea78fa40dcf68f4
75e68f6bd9e6a22cef0e97aa7cf61dca6b9afa6572d91517fdf799e11d4f9073
79bdbc5eec1a17fcf72f932f52818982c559bc1387a5dfbf7d714b5d6f5ebe62
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675
7aae7be072b60f210ff53423bea6b2fae228ae46175db10a300a0aaedebfbe22
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1
7baa58dcef7e0915ca5b95703b519923ccf902c567c6c4ae58fb9a5b516e3567
7c00c6942c532aecc86522db81f50d1f97eec1effa481e2517090f6f34627038
7c45763728e602590c8b9af7e53b289720a6813359a6ca7430605cd0e3b4e495
7cde5122b3c8307bdb041016e68226472014181eeabc4346d859d8dd58388732
7ced3bd2fb17d2d1f747d00f8418838e3a039f94d250e8dd7ccab5d456c2832f
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
7d829d2d844dc38695405989060d5cd8860790f0d8dce4086d7bed317cd2f3b2
7dc50716723eb12ba92695f77b6aec2c18621b2126c280a6fd27d1f124af1d64
7ecb84239efee9e3a2b1aeb935c714f19074d8c5cc36eca3cff464bb9ffc7539
7f99ccc181f7410ffa22bd5032bc00dc72fd7baa90ed8bea13dda0fef07f39d1
80285dfd3fe73b3736d5c9f1565b45e47543dddddce2d54c47093db9dbae0a43
8079aac05b64e3fceb9ed1927812b4b1883dfe0ac38f36f03ebc3fa1a609b767
8133bf08d9f33d3371c8cbc9eee39dd5f34736630529a87bf0a50661f6200164
81913b559dbc7f44bbc3f0ec1a8cfffeab10d3cda1b4cd1557cb13d9e10caa8b
82a0f42a40f4bcd71f5dc49c6cdb53a34a0d3a9b02c010e316a564fbe3f8cf75
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82e47ae45ab0b917e4c7aeb06b03cd7e7e2d1c9a211cf368fbcee990d60a2554
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8465cbf5bc8b82a9666d40a357bab3a016290618bba93e588929d884b3ae832a
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
857232916c342d27e46f6f6ef2c5094ebbec6f78ea57f416a803557cecf360be
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d
86ec23821217734d74230a6907152bdaf190cfe1f1c6b3490c6ad76d902727a6
86f469e31208c8995270acc9ada2cd30b3e2863639219fa035049473e68c3d59
871ca36fbdb08ee5eb9fb51a75d21425169a3b149ac1f85656049511e414c15e
877214c78908383addcd126a4bafd538cc8830b6a391e66ff4133f30ad0485a5
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
881b22fde3e0c3463368405dc47ef75452941e393a238792b6594d357881749e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a00ac8a5c7143c96bd8dc1fb358903c7cb48345d0bc4acc45188e531595cba2
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8aef8315d84690999651613abd0bf0365f36ad1f8659afc708fea1632ab5d51f
8afb7b16db12143090af897471534a4798ff7e1977711c8b631eaa9b87197418
8b4d701920988ac424209a3d0a821ff0064b11d2119843eb4ec8d6ff6cde6096
8c868b6331566666986f143b143caefa9f86ff0870e7c26d267f888a6357ecfd
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e0eeaaec387f5614f5e60a0641d10674c6c849916deb3c401b09e5c20d74e94
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8ea1003e256bc3963a0bed50a6f83993ef867fde2294e1a8020e886327319a9f
8eaf1ea51b2a9c5044e0a54508da7babb470ae065bea3c756e9805ca695695b3
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f8c90f6ab1351ea62aa2811d8662e81ad7e018891aa3ce280ea46143490cd98
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
90abdccf7edd3fc5c6ca012e94b188de62c1282c19d1c12d594acf64a8351f9b
90f31404d7be81252fe796c64884d0f8a842e8cd5048594ce698f5b92d6688ab
913d38380db416080920f675f8e314314c00480f2eebb7733ba247dff8b89570
9163a9e397d818cd252d74c78be9e5a8dde68c72cabde38dd2a8c47c8c611f59
919d6302cf2d1ea3b314d0e0c8dfcbf8522d939c56386fd03d233385453016c9
92627de3f8247ba3779c04c97da834843cd2ce0f9b8bcbc90d5de669286c1812
928d1c50f77d48e64b3461df0c194a81711c6528588849fc99710f96541cc51d
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
93333b694a5fd2636ee7cef4db9507f215b598af30400008adcf36a348e76d31
939b2d0ac65070b34012066316e63d37f2a9ba1cfa63111f6c174f4750745f40
94085fa1f31e00d176236ebadfa2858f58fd104fbb32aa43e252347511c47641
943582e8101110fc486573c3383e7c0f0a3ed4cb21f8a8257341e59bb4243d9d
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde
9527e66c27c555b138b1ee07509481cbb4068f4878b76515fd778f9c27b02e46
9677bd3bf16130b10555776143faa7ced51a52370ead1dc179fe2d125ee0ae7a
96ef0a27fb2a76f331f10aee91d770a435b441bf158aa4f97d37e5dfc8c684ea
97e016f14311d762c780843c6e958ce954ddd0255dc5ae23cf301c6324efd04b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bea9774a7c2714797d8f83a8f4381ec099fc8a09464aa91c7568507c0d15e65
9cbe332b08eba53d8ebc2ba291bd763b74cd6eef267bfa81d74a1a6ce89afd71
9d3889e9ff7a755ef2eb6446d73279f2382d2fe6ea2ecb2827cffef9029de170
9d484e0bc43c2fe1616f13be7286217a719cc4f38162595166ff05fe55bd08d5
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
9e69f5fc00bc8a4343aaa025e8c9ce3345ef0ddc644e5e06f5b91dcb1c0c3c36
9f9d037794af2cbf8d8d010fd3420933bdddc45ede8028ddc13a357c074c5593
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1749f37e3d13616a0d9b346b2da534229874292fa2e480d7c52bb3082c8fe0d
a2a266e9cfe3f048c6f45f4a90e799657c2f814e34de1e898d3b689f7f68e02b
a2dd9aedcd7ec64cdbeea19974bc3740698aeaae2d0652ea72ac0cfd190cb8d6
a2e772df48664b17e0007d15a00b973f070c0106769fc4aa30b78f89d3455fd5
a5dabed54019cdc6c9853772ab679ba81d4e1d4e560d7dbe585d0cb5d77b2548
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6cf3bf775d68a1ca2cf2017fab25029316f54d60457afad1afcc3f38bb98d41
a70b348fae8d26cd3fb5ee58ebb8e93f916f699ab73827d3693d41736c2672b5
a779f8e26b6638a5795fdee676e5d66238e3f8aae52a5aed5748b29c7672d39a
a9daaba14208d4a11facc1c74d4fac2717864aedd04b68d1f3076ffee8863c41
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4c0bd79e703c76a78d6f787f26f5beaa7a9460b576beab23cd67264979b73f
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee504b4792486b45560f2797f6dca35dd3ccde72ab406bcf564766b07fb4bd9
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
aff06b6ec4bffd9aebc190af0ce7b5398345a2cd7df2bf7772e3fdd51e2d8d1a
b0a76f558c9fc5286ccba192d48da170b1917343ee641cfd4dcbfe7b3237a4ad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b2239a36b676f56ac4569b253bebe7fd244c22f91c76cee060640386cb16020d
b244fbd7376d39eedb06c118d4a920101225e65df0f2878ad4e536db1631ee86
b30d4e5704f221c1bdfe62c6a7daff1b63eec071f9a4477dedaa78b12c9c70d0
b52c4e22ceba834273a23ce791d48072acd76f715530c0db5830623eb5d7132b
b5f56205efa5856e2a0ccdd5b0f989f7f12a45daf61347d5238be6ed0e2fc39e
b8d8491b99fad80d013575d765ac083fff34650d565af6d87e6e698232323c95
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
ba381e54279a07776f1bf69131b32f3958acdff2e2b37334dced95c4e0dedc50
bacf10be287484639ef5ecf34abfb3bebeb79dcdba797a5339d59428d2ff14be
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9fc5baf2288fa612673bdbb57268f705d5e3d2dedb0509089e6858fc10b136
bcfbab9fd00258a8a7a78fb08e87e31df1108c7db3947dee810a8116d2559ce4
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c2185bec7021207aafdae627f04944bdf4da8c35d27a54c0dce4ffad77259083
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c249a9f6d1d169a2e273b49cfa2103b9d1e8acfad451b1aa342ecd3f32f6611a
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f
c2d1946cab10182e8a80eec47ae0c2023cffa0fc715b041d53f1cd4e2ec679c8
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c32d1929b26bd7d736ea97b24d06b86c96a77a0158160f46bfd2cf95ecaa0c3f
c465bda13b6603e33307b4f9b986e1393320ae5411bc35cb2f914b39ec85643e
c4a478f209dddd433c1849f661b71160f14ad996c9c075e5f4b7fbeb21d1bf0f
c4aa4fa2ccc0d3a4efcae63c95f5343d5e0841e86711fcc4bc48506fa89732a1
c6d63f57873a8f1641f2fdf04519a3d12c119253d83415f4af9e37c7985af309
c73375eb59df657ad502e98ba1d00c19cff4db28839900fc20b2b2d54bc79c5d
c7815956f16d7e968096f1ecbe61ee7c97147e8c5538fad6d99224bb8a6980c8
c8bf555039a25ddd0b8db4e0e409887bbfdd4e3b34aa13421fec724b0b9beb00
c8d68594aec4a7ef1a985a169b0379c194160d65cd4b78b961508094bfd139fc
c8ff3d0e54cc92d06d99f48717483cd782d2a289553cd414a0326e1ba2288a6e
c9066107ae3bca7d986d94311fc534c472a7aae6f7f53eeff674454fac46a958
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
cd6b7a9eba18dcbe5574a126d7474cd7d2581b9683e7a681722acb5328ecd179
cd9f1e240cea795fe86e179300d6d718de0370f0137c3e69250bb2ecb0bcdeee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d4dd9dbc6099790b3a3807c15f4ef9b8e71cab2a4a646e256b47248a8c430d09
d5be0b1f64463b905aaecaaaa6e61ffaadbd734cecca5edb16464bf5058068a6
d6984c1810bcb9d05f07fdee0cbb8b874b3e9c93c77d6af9d56db8d73454bc58
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb
dc870500192cede964fc31b5b13f0d4c946798a7cda089f6677df08711cb40c5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0fc75c305f7913bfa27f6363972a0beb24f896a201bac6edc96fff936a0dadb
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2c8dd889642487e976b8f78f3640dbe7ced0ad48112b972c21dd41f3617f09a
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e571945dec453fbc4c8177ad3af3f176dc562cf51fe40a10529b69e0b2b1e577
e6626ea6ce5d5211599e4c7c98959a18c840cf95f78c5e42bfb1ec92c9dad6b5
e682cb3815f258c7b53e5d8a70696c3c6296db1b37a04a9718052195063bfa16
e69bbb9d255e0800f75b87ed45302ff6dce75e08aa1223ec1e59ed6058cc3839
e81c9ada7ba39df6c7a207b6ec9fb73bdfcda1f76742a841929411e3a9e967b4
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
ea457821c5f3286e405d0a1a2e22070d8f0b07c9f86e7299ebb94edda524f900
eaef5512d357749b8b67afcbc14f1f8142782d78b2bc63a45a3743b724499296
ebc33e3ae327481cd8a693113493a76dd99680fd4746dd985c7568f8dc4ee272
ec1589cc7b416685717b86224f14a24c760d1f214c9849516141611c1646b6c8
ecdfa400855d3a2942065b7b7036b020e66d61547a26465637598a2078d46612
edec3ea3c17d9fb266993c5c5088d3c4b1a13a7d54d745b4b36d8134cf6697f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa4025d1f80af52b3bde5aa3427b3080f231ca54e50315b386833bd58f4d5b4
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
f015707db8b8dcfa10523f5dc3c1a93958c6a1091afe03404ed220b06ac2c981
f0f00803808e1a373712079bd65cdee2b7941c5b3d6f59a3ef2344255a790934
f246699e0fe6c4060af41310ef3616b4185c8c819ba4f91588776063205ba75b
f2aecf20364a85727f8f54a277dd85b07da86dfe3e138fd8474181acf2a10c35
f34c35894dbb7cd3dece2a08634f138ff2f201ea2261fbd4bff57e2d5e2a3fc9
f41cb22f351b579a92ce50fa657167533a58bf918469869e71092fdba2ae2b95
f4d13b7d23b27132ab1bd5d9ac27992b12fa8a87da85b897f2fbbce5c2a1e55e
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58
f55c81bdb3f78501328d113278a91beca92f5743976b7df7f57f1a6c20c8cb9f
f66993c077f1c11da8528e4cfcc3457376059c789260fa56b5e7d101652f87ea
f6b6de99d9dca003b0a92ea48e892cf1a0cf2d5e4bf36d8d639795f0e228c964
f7addfd87b1d5a526dafe6a4dc5030b68fde7c154ce070d3e6decc7a74c61215
f826f59070a141c3599d0b89ee2683cb7bf9527dd350a227096f62f45f9144fa
f84636fe8d38422e6828e8904c784ea4e60fd000c47c61be751f47b20953541d
f9193e6b389c5ad73f4c1711e2387ef82136b76e08c206e2dcc830e1acaf91d4
f9b33c7f847a906acdd8fab2a2f992a5517bf1ee3e705910af98b4d76bb77c03
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
fc81f0880968fe947bc60e44051dfcdf4f4a6c7153ac0985367712802730b68c
fd86068daf47b13260c5f4ff5bab4ef24d84c6f8b2ef09dce47993196e396e2c
fdbfddeacca164c72809d65be2542f9f24f541d226871af20ae1b11681c1ab49