Submitted URL: http://www.congreso-hidalgo.gob.mx/urls/6jq
Effective URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Submission: On July 02 via manual from US

Summary

This website contacted 127 IPs in 11 countries across 99 domains to perform 447 HTTP transactions. The main IP is 151.101.113.132, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.refinery29.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on March 22nd 2021. Valid for: a year.
This is the only time www.refinery29.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 187.210.168.163 8151 (Uninet S....)
27 151.101.113.132 54113 (FASTLY)
2 151.101.13.132 54113 (FASTLY)
1 13.224.193.129 16509 (AMAZON-02)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 35 2.18.234.21 16625 (AKAMAI-AS)
1 129.213.193.172 31898 (ORACLE-BM...)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.194.214 16509 (AMAZON-02)
2 4 52.48.137.92 16509 (AMAZON-02)
1 151.101.14.137 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 18.235.17.58 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 104.111.232.26 16625 (AKAMAI-AS)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 52.44.237.179 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
7 216.58.212.162 15169 (GOOGLE)
15 54.91.110.216 14618 (AMAZON-AES)
1 34.203.187.185 14618 (AMAZON-AES)
23 2.16.186.139 20940 (AKAMAI-ASN1)
7 14 13.248.242.197 16509 (AMAZON-02)
2 34.120.133.55 15169 (GOOGLE)
7 2.18.233.180 16625 (AKAMAI-AS)
3 3 2.19.35.65 16625 (AKAMAI-AS)
6 104.109.78.125 16625 (AKAMAI-AS)
2 4 52.28.254.214 16509 (AMAZON-02)
13 213.19.147.43 26120 (RHYTHMONE)
4 185.64.189.112 62713 (AS-PUBMATIC)
7 35.244.159.8 15169 (GOOGLE)
3 185.94.180.123 35220 (SPOTX-AMS)
5 23.37.38.181 16625 (AKAMAI-AS)
27 34 142.250.185.98 15169 (GOOGLE)
3 6 52.46.130.13 16509 (AMAZON-02)
1 34.254.147.143 16509 (AMAZON-02)
1 1 54.74.23.153 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 63.251.232.170 29791 (VOXEL-DOT...)
5 34.202.70.106 14618 (AMAZON-AES)
1 69.173.144.138 26667 (RUBICONPR...)
4 185.64.190.78 62713 (AS-PUBMATIC)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 6 185.29.135.234 30419 (MEDIAMATH...)
4 4 2620:116:800d... 16509 (AMAZON-02)
6 8 37.157.2.235 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
6 6 66.155.71.25 13768 (COGECO-PEER1)
1 35.241.40.233 15169 (GOOGLE)
2 2 54.236.220.178 14618 (AMAZON-AES)
4 4 213.155.156.167 1299 (TELIANET ...)
1 45 185.64.190.80 62713 (AS-PUBMATIC)
2 178.250.0.163 44788 (ASN-CRITE...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
4 8 54.246.13.173 16509 (AMAZON-02)
2 2 162.55.6.212 24940 (HETZNER-AS)
6 6 213.19.147.44 26120 (RHYTHMONE)
2 2 87.98.252.5 16276 (OVH)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 198.148.27.140 19189 (PULSEPOINT)
2 2 2a04:4e42:3::300 54113 (FASTLY)
2 199.232.137.44 54113 (FASTLY)
6 185.64.190.81 62713 (AS-PUBMATIC)
4 5 54.38.38.194 16276 (OVH)
2 2 18.198.69.109 16509 (AMAZON-02)
1 3 159.253.128.188 36351 (SOFTLAYER)
8 12 185.33.220.241 29990 (ASN-APPNEX)
3 2a00:1288:110... 34010 (YAHOO-IRD)
5 6 3.126.56.137 16509 (AMAZON-02)
5 5 151.101.14.49 54113 (FASTLY)
8 8 52.58.55.232 16509 (AMAZON-02)
1 1 51.75.146.160 16276 (OVH)
4 5 2001:678:cb4:... 56396 (TURN)
1 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 159.65.196.12 14061 (DIGITALOC...)
2 2 34.98.107.212 15169 (GOOGLE)
4 6 185.33.221.89 29990 (ASN-APPNEX)
2 2 34.251.173.19 16509 (AMAZON-02)
3 169.197.150.8 398989 (DEEPINTENT)
1 2 35.227.248.159 15169 (GOOGLE)
2 2 3.66.135.160 16509 (AMAZON-02)
1 1 34.204.19.158 14618 (AMAZON-AES)
1 38.27.122.126 174 (COGENT-174)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.78.254.47 16509 (AMAZON-02)
1 1 34.239.198.206 14618 (AMAZON-AES)
6 2.18.234.190 16625 (AKAMAI-AS)
2 3 52.30.140.199 16509 (AMAZON-02)
1 23.55.161.154 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.18.232.28 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 70.42.32.95 22075 (AS-OUTBRAIN)
4 23.55.161.136 20940 (AKAMAI-ASN1)
1 184.73.29.148 14618 (AMAZON-AES)
3 23.55.161.155 20940 (AKAMAI-ASN1)
2 23.55.161.165 20940 (AKAMAI-ASN1)
1 151.101.114.132 54113 (FASTLY)
3 2a02:26f0:120... 20940 (AKAMAI-ASN1)
1 64.74.236.159 19024 (INTERNAP-...)
8 96.16.110.34 16625 (AKAMAI-AS)
1 3 65.9.77.69 16509 (AMAZON-02)
8 62.149.0.72 15497 (COLOCALL ...)
4 5 185.94.180.125 35220 (SPOTX-AMS)
1 35.244.174.68 15169 (GOOGLE)
4 2600:9000:210... 16509 (AMAZON-02)
4 213.174.135.2 39572 (ADVANCEDH...)
1 2a0c:5c81:513... 55081 (24SHELLS)
5 23.227.137.155 55081 (24SHELLS)
2 213.174.135.1 39572 (ADVANCEDH...)
1 1 51.68.39.188 16276 (OVH)
1 18.208.241.4 14618 (AMAZON-AES)
4 2a0c:5c81:514... 55081 (24SHELLS)
1 3 2a02:2638:1::13 44788 (ASN-CRITE...)
2 34.249.31.122 16509 (AMAZON-02)
2 178.250.2.146 44788 (ASN-CRITE...)
1 64.202.112.191 23352 (SERVERCEN...)
1 213.19.162.31 26667 (RUBICONPR...)
1 185.184.10.30 203690 (RTB-HOUSE...)
3 52.28.203.152 16509 (AMAZON-02)
1 185.255.84.150 200271 (IGUANE-)
2 178.250.2.131 44788 (ASN-CRITE...)
1 72.251.249.14 29791 (VOXEL-DOT...)
2 51.89.9.253 16276 (OVH)
1 18.156.99.44 16509 (AMAZON-02)
1 185.184.8.65 204995 (RTB-HOUSE...)
4 18.157.50.45 16509 (AMAZON-02)
1 1 3.91.110.183 14618 (AMAZON-AES)
1 1 54.86.120.215 14618 (AMAZON-AES)
1 69.173.144.139 26667 (RUBICONPR...)
1 2.18.232.130 16625 (AKAMAI-AS)
1 8.43.72.97 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.200.170.47 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 88.99.165.19 24940 (HETZNER-AS)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 4 138.201.84.252 24940 (HETZNER-AS)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 1 13.224.193.44 16509 (AMAZON-02)
1 88.99.70.21 24940 (HETZNER-AS)
1 51.89.7.110 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
447 127
Apex Domain
Subdomains
Transfer
67 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
99 KB
43 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
googleads.g.doubleclick.net
285 KB
35 casalemedia.com
ssum.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
37 KB
29 ex.co
player.ex.co
prd-collector-anon.ex.co
mcd.ex.co
1 MB
27 aniview.com
player.aniview.com
track1.aniview.com
premiumsrv.aniview.com
sync.aniview.com
go1.aniview.com
389 KB
27 refinery29.com
www.refinery29.com
679 KB
19 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
16 KB
18 googlesyndication.com
pagead2.googlesyndication.com
7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
tpc.googlesyndication.com
109 KB
17 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
fastlane.rubiconproject.com
optimized-by.rubiconproject.com
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
37 KB
14 spot.im
launcher.spot.im
api-2-0.spot.im
direct-events-collector.spot.im
publisher-assets.spot.im
events-collector.spot.im
static-cdn.spot.im
pix.spot.im
110 KB
14 adsrvr.org
match.adsrvr.org
6 KB
13 1rx.io
tag.1rx.io
sync.1rx.io
4 KB
12 spotim.market
sync.spotim.market
player.spotim.market
hb.spotim.market
149 KB
12 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
c2shb.ssp.yahoo.com
8 KB
10 adtelligent.com
s.adtelligent.com
player.adtelligent.com
sync.adtelligent.com
ghb.adtelligent.com
ghb1.adtelligent.com
6 KB
10 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
images.outbrainimg.com
67 KB
10 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
firebaselogging.googleapis.com
613 KB
9 criteo.com
dis.criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
3 KB
8 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
odb.outbrain.com
mcdp-chidc2.outbrain.com
88 KB
8 bidswitch.net
x.bidswitch.net
4 KB
8 bidr.io
match.prod.bidr.io
4 KB
8 adform.net
c1.adform.net
4 KB
8 spotxchange.com
search.spotxchange.com
sync.search.spotxchange.com
6 KB
8 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
ad.crwdcntrl.net
sync.crwdcntrl.net
16 KB
7 openx.net
playbuzzltd-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
spot-im-d.openx.net
2 KB
6 sitescout.com
pixel-sync.sitescout.com
2 KB
6 mathtag.com
sync.mathtag.com
3 KB
6 amazon-adsystem.com
s.amazon-adsystem.com
3 KB
6 unrulymedia.com
tag.targeting.unrulymedia.com
sync.targeting.unrulymedia.com
3 KB
5 redintelligence.net
hal9000.redintelligence.net
hal900024.redintelligence.net
9 KB
5 geoedge.be
rumcdn.geoedge.be
gw.geoedge.be
215 KB
5 turn.com
ad.turn.com
r.turn.com
2 KB
5 everesttech.net
sync-tm.everesttech.net
2 KB
5 onaudience.com
pixel.onaudience.com
2 KB
5 indexww.com
js-sec.indexww.com
41 KB
4 taboola.com
trc.taboola.com
match.taboola.com
1 KB
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
4 de17a.com
d5p.de17a.com
1 KB
4 quantserve.com
pixel.quantserve.com
2 KB
4 google.com
adservice.google.com
www.google.com
1 KB
4 advertising.com
pixel.advertising.com
sync.adaptv.advertising.com Failed
676 B
4 avplayer.com
player.avplayer.com
atrack.avplayer.com
71 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
1 KB
3 deepintent.com
match.deepintent.com
prebid.deepintent.com
272 B
3 dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
393 B
3 simpli.fi
um.simpli.fi
2 KB
3 exelator.com
loada.exelator.com
loadm.exelator.com
6 KB
3 adgrx.com
cm.adgrx.com
1 KB
3 ad4m.at
ad4m.at
320 B
3 rlcdn.com
api.rlcdn.com
di.rlcdn.com
335 B
3 googletagservices.com
www.googletagservices.com
89 KB
2 tidaltv.com
sync.tidaltv.com
828 B
2 criteo.net
static.criteo.net
53 KB
2 onetag-sys.com
onetag-sys.com
1 KB
2 creativecdn.com
prebid-us.creativecdn.com
prebid-eu.creativecdn.com
357 B
2 revcontent.com
trends.revcontent.com
269 B
2 ytdeliver.com
p.ytdeliver.com
14 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 tapad.com
pixel.tapad.com
614 B
2 gumgum.com
rtb.gumgum.com
671 B
2 playground.xyz
ads.playground.xyz
735 B
2 bidtheatre.com
match.adsby.bidtheatre.com
1 KB
2 contextweb.com
bh.contextweb.com
924 B
2 erne.co
green.erne.co
651 B
2 loopme.me
csync.loopme.me
415 B
2 adition.com
dsp.adfarm1.adition.com
1002 B
2 extend.tv
sync.extend.tv
1 KB
2 2mdn.net
s0.2mdn.net
33 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 cookiebot.com
consent.cookiebot.com
93 KB
1 id5-sync.com
id5-sync.com
536 B
1 contentspread.net
cdn.contentspread.net
44 KB
1 smaato.net
s.ad.smaato.net
426 B
1 google.be
adservice.google.be
165 B
1 advangelists.com
nep.advangelists.com
232 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
375 B
1 360yield.com
ice.360yield.com
517 B
1 lijit.com
ap.lijit.com
759 B
1 omnitagjs.com
hb-api.omnitagjs.com
727 B
1 zemanta.com
b1h.zemanta.com
124 B
1 nrich.ai
dsp.nrich.ai
489 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 bnmla.com
match.bnmla.com
112 B
1 stackadapt.com
sync.srv.stackadapt.com
651 B
1 rqtrk.eu
ws.rqtrk.eu
516 B
1 brand-display.com
dmp.brand-display.com
253 B
1 gstatic.com
fonts.gstatic.com
15 KB
1 adroll.com
d.adroll.com
112 B
1 demdex.net
dpm.demdex.net
1 playbuzz.com
cdn.playbuzz.com
18 KB
1 cloudfront.net
d5i9o0tpq9sa1.cloudfront.net
523 B
1 googletagmanager.com
www.googletagmanager.com
275 B
1 gscontxt.net
vmg-ash.gscontxt.net
1 KB
1 viceops.net
vice-staging-web-statics-cdn.viceops.net
2 KB
1 vice.com
vice-web-statics-cdn.vice.com
54 KB
1 congreso-hidalgo.gob.mx
www.congreso-hidalgo.gob.mx
395 B
447 99
Domain Requested by
34 cm.g.doubleclick.net 27 redirects u.openx.net
googleads.g.doubleclick.net
7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
31 simage2.pubmatic.com 1 redirects ads.pubmatic.com
www.refinery29.com
27 www.refinery29.com www.refinery29.com
23 mcd.ex.co player.avplayer.com
18 dsum-sec.casalemedia.com 4 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
googleads.g.doubleclick.net
15 track1.aniview.com www.refinery29.com
player.aniview.com
14 image2.pubmatic.com ads.pubmatic.com
14 match.adsrvr.org 7 redirects js-sec.indexww.com
ssum.casalemedia.com
u.openx.net
ssum-sec.casalemedia.com
7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
player.spotim.market
12 ib.adnxs.com 8 redirects player.spotim.market
p.ytdeliver.com
ssum-sec.casalemedia.com
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
rumcdn.geoedge.be
tpc.googlesyndication.com
www.refinery29.com
7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
9 tag.1rx.io player.aniview.com
8 images.outbrainimg.com
8 x.bidswitch.net 8 redirects
8 match.prod.bidr.io 4 redirects ads.pubmatic.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
8 c1.adform.net 6 redirects ads.pubmatic.com
8 ssum-sec.casalemedia.com 3 redirects ssum.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
7 ads.pubmatic.com player.aniview.com
ads.pubmatic.com
launcher.spot.im
6 tpc.googlesyndication.com rumcdn.geoedge.be
6 secure.adnxs.com 4 redirects acdn.adnxs.com
ssum-sec.casalemedia.com
6 ups.analytics.yahoo.com 5 redirects ssum-sec.casalemedia.com
6 pixel-sync.sitescout.com 6 redirects
6 sync.mathtag.com 6 redirects
6 s.amazon-adsystem.com 3 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
6 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
rumcdn.geoedge.be
5 hb.spotim.market player.spotim.market
5 sync.search.spotxchange.com 4 redirects
5 widgets.outbrain.com www.refinery29.com
widgets.outbrain.com
5 sync-tm.everesttech.net 5 redirects
5 pixel.onaudience.com 4 redirects ads.pubmatic.com
5 sync.aniview.com ssum.casalemedia.com
player.aniview.com
5 htlb.casalemedia.com player.aniview.com
player.spotim.market
5 securepubads.g.doubleclick.net www.googletagservices.com
www.refinery29.com
securepubads.g.doubleclick.net
5 player.aniview.com player.ex.co
player.aniview.com
static-cdn.spot.im
5 prd-collector-anon.ex.co player.ex.co
5 js-sec.indexww.com vice-web-statics-cdn.vice.com
player.aniview.com
ssum-sec.casalemedia.com
4 hal900024.redintelligence.net 1 redirects 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
rumcdn.geoedge.be
hal900024.redintelligence.net
4 optimized-by.rubiconproject.com player.aniview.com
4 sync.adtelligent.com s.adtelligent.com
www.refinery29.com
rumcdn.geoedge.be
4 rumcdn.geoedge.be launcher.spot.im
rumcdn.geoedge.be
player.spotim.market
www.refinery29.com
4 sync.spotim.market ads.pubmatic.com
4 api-2-0.spot.im launcher.spot.im
4 ad.turn.com 4 redirects
4 image4.pubmatic.com ads.pubmatic.com
4 sync.1rx.io 4 redirects
4 d5p.de17a.com 4 redirects
4 pixel.quantserve.com 4 redirects
4 imasdk.googleapis.com player.aniview.com
4 image6.pubmatic.com ads.pubmatic.com
4 hbopenbid.pubmatic.com player.aniview.com
player.spotim.market
4 tag.targeting.unrulymedia.com player.aniview.com
4 pixel.advertising.com 2 redirects player.aniview.com
4 bcp.crwdcntrl.net 2 redirects www.refinery29.com
tags.crwdcntrl.net
3 c2shb.ssp.yahoo.com player.spotim.market
3 gum.criteo.com 1 redirects static.criteo.net
3 ghb.adtelligent.com p.ytdeliver.com
player.spotim.market
3 player.spotim.market www.refinery29.com
player.spotim.market
3 sb.scorecardresearch.com 1 redirects widgets.outbrain.com
3 static-cdn.spot.im launcher.spot.im
3 publisher-assets.spot.im launcher.spot.im
3 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
3 um.simpli.fi 1 redirects ads.pubmatic.com
3 adservice.google.com imasdk.googleapis.com
rumcdn.geoedge.be
3 cm.adgrx.com ssum.casalemedia.com
ads.pubmatic.com
3 ad4m.at ssum.casalemedia.com
ads.pubmatic.com
3 search.spotxchange.com player.aniview.com
3 secure-assets.rubiconproject.com 3 redirects
3 ssum.casalemedia.com 1 redirects player.aniview.com
3 www.googletagservices.com player.ex.co
securepubads.g.doubleclick.net
rumcdn.geoedge.be
3 atrack.avplayer.com www.refinery29.com
2 sync.tidaltv.com 2 redirects
2 static.criteo.net player.spotim.market
static.criteo.net
2 googleads.g.doubleclick.net rumcdn.geoedge.be
2 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
2 onetag-sys.com p.ytdeliver.com
2 bidder.criteo.com player.spotim.market
p.ytdeliver.com
2 mug.criteo.com www.refinery29.com
2 trends.revcontent.com player.spotim.market
2 prebid.deepintent.com player.spotim.market
2 sync.crwdcntrl.net 2 redirects
2 p.ytdeliver.com rumcdn.geoedge.be
p.ytdeliver.com
2 firebaseremoteconfig.googleapis.com vice-web-statics-cdn.vice.com
2 firebaseinstallations.googleapis.com vice-web-statics-cdn.vice.com
2 mwzeom.zeotap.com www.refinery29.com
ads.pubmatic.com
2 uipglob.semasio.net 1 redirects www.refinery29.com
2 visitor.fiftyt.com 2 redirects
2 pm.w55c.net 2 redirects
2 pixel.tapad.com 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 rtb.gumgum.com 2 redirects
2 ads.playground.xyz 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 match.taboola.com ads.pubmatic.com
2 trc.taboola.com 2 redirects
2 bh.contextweb.com 2 redirects
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 green.erne.co 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 csync.loopme.me 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dis.criteo.com ads.pubmatic.com
2 sync.extend.tv 2 redirects
2 us-u.openx.net u.openx.net
2 eu-u.openx.net u.openx.net
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 s0.2mdn.net imasdk.googleapis.com
2 api.rlcdn.com js-sec.indexww.com
player.spotim.market
2 www.google-analytics.com www.refinery29.com
2 consent.cookiebot.com vice-web-statics-cdn.vice.com
consent.cookiebot.com
1 pix.spot.im launcher.spot.im
1 firebaselogging.googleapis.com vice-web-statics-cdn.vice.com
1 id5-sync.com player.spotim.market
1 cdn.contentspread.net hal900024.redintelligence.net
1 s.ad.smaato.net 1 redirects
1 r.turn.com 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
1 hal9000.redintelligence.net rumcdn.geoedge.be
1 gw.geoedge.be rumcdn.geoedge.be
1 www.google.com rumcdn.geoedge.be
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 adservice.google.be rumcdn.geoedge.be
1 pixel-us-east.rubiconproject.com
1 acdn.adnxs.com p.ytdeliver.com
1 pixel.rubiconproject.com www.refinery29.com
1 nep.advangelists.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 prebid-eu.creativecdn.com p.ytdeliver.com
1 ice.360yield.com p.ytdeliver.com
1 ap.lijit.com player.spotim.market
1 spot-im-d.openx.net player.spotim.market
1 ghb1.adtelligent.com player.spotim.market
1 hb-api.omnitagjs.com player.spotim.market
1 prebid-us.creativecdn.com player.spotim.market
1 fastlane.rubiconproject.com player.spotim.market
1 b1h.zemanta.com player.spotim.market
1 go1.aniview.com player.aniview.com
1 player.adtelligent.com player.spotim.market
1 dsp.nrich.ai 1 redirects
1 spl.zeotap.com 1 redirects
1 s.adtelligent.com rumcdn.geoedge.be
1 di.rlcdn.com
1 mcdp-chidc2.outbrain.com widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 events-collector.spot.im launcher.spot.im
1 direct-events-collector.spot.im launcher.spot.im
1 log.outbrainimg.com widgets.outbrain.com
1 widget-pixels.outbrain.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 launcher.spot.im www.refinery29.com
1 ad.crwdcntrl.net www.refinery29.com
1 sync.ipredictive.com 1 redirects
1 loadm.exelator.com www.refinery29.com
1 aud.pubmatic.com www.refinery29.com
1 match.bnmla.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 ws.rqtrk.eu 1 redirects
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 fonts.gstatic.com fonts.googleapis.com
1 u.openx.net player.aniview.com
1 token.rubiconproject.com www.refinery29.com
1 d.adroll.com 1 redirects
1 dpm.demdex.net ssum.casalemedia.com
1 playbuzzltd-d.openx.net player.aniview.com
1 premiumsrv.aniview.com player.aniview.com
1 cdn.playbuzz.com www.refinery29.com
1 player.avplayer.com player.ex.co
1 fonts.googleapis.com www.refinery29.com
1 player.ex.co www.refinery29.com
1 d5i9o0tpq9sa1.cloudfront.net www.refinery29.com
1 www.googletagmanager.com www.refinery29.com
1 vmg-ash.gscontxt.net vice-web-statics-cdn.vice.com
1 vice-staging-web-statics-cdn.viceops.net vice-web-statics-cdn.vice.com
1 tags.crwdcntrl.net www.refinery29.com
1 vice-web-statics-cdn.vice.com www.refinery29.com
1 www.congreso-hidalgo.gob.mx 1 redirects
0 sync.adaptv.advertising.com Failed 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
447 179

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
acint.net
policies.google.com
www.adriver.ru
crimtan.com
www.admatic.com.au
admatic.com.tr
www.bannerflow.com
www.beeswax.com
www.bouncex.com
adsniper.ru
tns-counter.ru
pulsepoint.com
www.sumologic.com
eyeota.net
www.iheart.com
stripe.com
www.media.net
segmento.ru
www.outbrain.com
www.reddit.com
upravel.com
www.freewheel.com
rubiconproject.com
www.programattik.com
www.admedo.com
www.bidswitch.com
www.internedservices.nl
www.sportradar.com
www.optomaton.com
www.warnerbros.com
smartadserver.com
www.spot.im
www.tiktok.com
www.ceros.com
www.linkedin.com
www.cognitiv.ai
betweendigital.ru
www.nbcuniversal.com
sundaysky.com
vimeo.com
yandex.ru
www.commandersact.com
www.lotame.com
www.apple.com
help.mail.ru
www.quantcast.com
giphy.com
www.owneriq.com
www.improvedigital.com
policy.pinterest.com
www.nativo.com
pubmatic.com
1dmp.io
site.adform.com
adotmob.com
www.criteo.com
lemmatechnologies.com
www.amobee.com
www.tremorvideodsp.com
zetaglobal.com
www.rhythmone.com
unruly.co
triplelift.com
www.acuityads.com
getintent.com
www.adition.com
admanmedia.com
www.appnexus.com
www.mediamath.com
www.smartclip.com
www.antvoice.com
playground.xyz
travelaudience.com
www.stroeer.de
ad-sniper.com
www.thetradedesk.com
adtelligent.com
privacy.aol.com
policies.yahoo.com
adthink.com
www.home.neustar
policies.oath.com
www.aniview.com
www.facebook.com
www.scorecardresearch.com
www.bidtheatre.com
www.oracle.com
www.appier.com
casalemedia.com
www.nielsen.com
www.mgid.com
www.geniussports.com
www.adobe.com
www.directadvert.ru
www.navegg.com
us.dynadmic.com
www.eqworks.com
fifty.io
freewheel.tv
gumgum.com
www.id5.io
adelphic.com
justpremium.com
www.salesforce.com
www.sovrn.com
www.xaxis.com
moskva.mts.ru
n.rich
www.openx.com
liveramp.com
pomoc.nazwa.pl
www.semasio.com
www.sizmek.com
www.simpli.fi
www.sitescout.com
skimlinks.com
smadex.com
www.snap.com
supership.jp
soundcloud.com
www.spotify.com
www.spotx.tv
www.stackadapt.com
www.taboola.com
www.tapad.com
www.taptapnetworks.com
videologygroup.com
exponential.com
twitter.com
www.dataxu.com
weborama.com
www.zemanta.com
www.zeotap.com
bam-x.com
www.pixalate.com
www.e-planning.net
opinary.com
connectad.io
datamind.ru
amberdata.io
privacy.microsoft.com
static.beeline.ru
rktch.com
dox.sape.ru
www.vice.com
www.allaboutcookies.org
www.usarebeccabonbon.com
track.netofclicks.nl
www.hussebelux.be
trytech.me
wistjijdit.nl
lifeexact.com
www.u-flats.be
rfvtgb.worldemand.com
jump.refinery29.com
www.youtube.com
www.instagram.com
www.pinterest.com
corporate.r29.com
vice-web-statics-cdn.vice.com
company.vice.com
Subject Issuer Validity Valid
*.refinery29.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
*.vice.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2021-04-29 -
2022-05-31
a year crt.sh
*.viceops.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
consent.cookiebot.com
DigiCert ECC Extended Validation Server CA
2020-06-11 -
2022-06-11
2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.gscontxt.net
DigiCert SHA2 Secure Server CA
2020-01-22 -
2022-01-21
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2
2020-12-27 -
2022-01-28
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-31 -
2021-08-23
3 months crt.sh
outstreamedia.com
R3
2021-05-25 -
2021-08-23
3 months crt.sh
*.playbuzz.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-13 -
2022-05-13
a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA
2021-02-23 -
2022-02-27
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-01 -
2022-04-04
a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA
2021-03-01 -
2021-08-24
6 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA
2020-05-04 -
2022-05-09
2 years crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2021-06-01 -
2022-07-02
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2021-03-10 -
2022-03-29
a year crt.sh
s.amazon-adsystem.com
Amazon
2020-08-28 -
2021-08-20
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-08 -
2021-08-08
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-24 -
2022-03-26
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.google.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
*.brand-display.com
GeoTrust RSA CA 2018
2020-06-24 -
2022-06-24
2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-06-27 -
2021-09-24
3 months crt.sh
*.match.prod.bidr.io
Amazon
2021-02-26 -
2022-03-27
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.onaudience.com
Certyfikat SSL
2021-05-28 -
2022-05-28
a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-29 -
2021-09-22
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2019-06-19 -
2021-08-31
2 years crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2020-04-09 -
2022-06-08
2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA
2020-10-05 -
2021-11-06
a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2
2021-01-06 -
2022-02-07
a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020
2021-03-09 -
2022-04-10
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-02 -
2022-06-07
a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA
2021-05-25 -
2022-06-01
a year crt.sh
*.spot.im
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2020-11-26 -
2021-11-30
a year crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA
2021-05-04 -
2022-05-09
a year crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
sync.spotim.market
R3
2021-06-05 -
2021-09-03
3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018
2021-04-08 -
2022-05-09
a year crt.sh
rumcdn.geoedge.be
Amazon
2020-10-02 -
2021-11-03
a year crt.sh
player.spotim.market
R3
2021-06-28 -
2021-09-26
3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2021-06-06 -
2021-09-04
3 months crt.sh
hb.spotim.market
ZeroSSL ECC Domain Secure Site CA
2021-06-10 -
2021-09-08
3 months crt.sh
p.ytdeliver.com
R3
2021-06-07 -
2021-09-05
3 months crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA
2020-10-28 -
2021-11-27
a year crt.sh
sync.adtelligent.com
R3
2021-06-05 -
2021-09-03
3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2021-06-11 -
2021-09-09
3 months crt.sh
*.zemanta.com
DigiCert SHA2 Secure Server CA
2020-08-23 -
2021-09-01
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-30 -
2022-04-12
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-18 -
2021-09-08
6 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-24 -
2022-06-23
a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2021-06-14 -
2021-09-12
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
revcontent.com
Amazon
2020-07-08 -
2021-08-08
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
onetag-sys.com
R3
2021-05-02 -
2021-07-31
3 months crt.sh
*.360yield.com
Amazon
2020-08-26 -
2021-09-26
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-03-11 -
2022-02-07
a year crt.sh
*.google.be
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-22 -
2021-09-15
6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
www.google.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
protect.geoedge.be
Sectigo ECC Domain Validation Secure Server CA
2020-01-29 -
2022-01-28
2 years crt.sh
redintelligence.net
R3
2021-06-21 -
2021-09-19
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-06-27 -
2021-09-24
3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-31 -
2022-03-31
a year crt.sh
contentspread.net
R3
2021-06-04 -
2021-09-02
3 months crt.sh
*.id5-sync.com
R3
2021-06-01 -
2021-08-30
3 months crt.sh

This page contains 81 frames:

Primary Page: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Frame ID: 59DCAE655CB7835AFAE52E82917F94B5
Requests: 168 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-PBVC7CQ
Frame ID: 673ECEDB1AAE337F3CA4FC08A206C630
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: C6CC5DB78C8A742758FDCBAE7AEFD9FC
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D1%26key%3D
Frame ID: 8D409D8BF3625F36CBB8BB5B53B94F72
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Frame ID: 03EFD8FBAC6C0A510EFEE72534FAE4E8
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 1225C0B12751E99BDD36408DB2E6DC43
Requests: 3 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: FA40B66046EF8A16A0996D226583D086
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 88CD405B00020D73F1F858EFF4D6AFED
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: E72C85D3DA9A7627C4293EA6C03F6876
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AAB41C15CF18A2E3E2B4299D11F68D39
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: 011480C8BD1402641BF453B1CA3EDD00
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 35A96DD75D5FC2BC15360AA5DF3278AA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A0F730162D3AAE6FE04C7D19D9C340AA
Requests: 24 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B8B9B2B45EA7F8C4C23199DE920E1F5C
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 64496EB4634FF09744819ED8E1F42694
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F
Frame ID: B71A5503E6D4B2E162CD93A4E35EC874
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4090915419576464172
Frame ID: 461DAF955A29EF08DF0400551E72BC32
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0080A70CD489E059D7A23BE534E3F662
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360503650482321
Frame ID: 35C35B4A4C72CD9D6DE59B6F71B4F526
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 39FF3991C312AB282C2528A365A6BA3A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 508941693715C0007B75A166CCC5E411
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003
Frame ID: E5AF1F3F881400436628596267A0E35C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: D03E209E9334EAA0EF22FABCC3910BAF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
Frame ID: 9FCDA9C50CEEC11F0BA2A7FEFC7317AB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: CB72F1AA11893E973DCBC52BBB5ABFE3
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 91BDE4C6D9D20E602F8584C494DF3D06
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QOiE8iHiK62e&pid=557219
Frame ID: 5983A1B4326E28C1681F551DC6CA4413
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8eee6314-8b97-4315-a65a-4044c0daa0bf-tuct7d8be65&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 1007332A6B8B0E8ABDC38B7133DBF8B5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: CA2CC245AA47145AD98FF3C6F3FEAE6A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 22EB40FDB644033686BDF0BAAA668F32
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:DIPHcvFK1LZlDW5&gdpr=0&gdpr_consent=
Frame ID: E3ABBFDDFD64D6F8E1BECF7AEC32E8C4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vuYO9089TbdDAFR-6Y7PdVJmE2Q
Frame ID: 8AF7FFE98A0C88D2B49E686D74DECBF9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:96EAD18F3BEA46EE8F109F218D133CA5
Frame ID: 585E25F1B455D4DBDC28360A72235177
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 755992027BBFDD639CF8D5897969939F
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=5283/rand=809059940/pv=y/int=%23OpR%2350877%23total%20site%20traffic%20%3A%20www.refinery29.com/int=%23OpR%2350878%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20en-us/int=%23OpR%2380091%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon%20%3A%20en-us/rb=%7B%22post_title%22%3A%22Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon%22%7D/rt=ifr
Frame ID: AFA3DB7877DF82CF24F122CE33F13EA0
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 11C863969A840F34568000DDC432DDD1
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: F2605BCB7192974B6FE680B75193BB59
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 87C14246E83592ED265473267EC876AE
Requests: 24 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: E19C86E8B470BE7420F5DB7F8DAFEF2A
Requests: 46 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=572165
Frame ID: 3C6EF760E8F7BA207C85B866EA08226F
Requests: 2 HTTP requests in this frame

Frame: https://p.ytdeliver.com/prebidlink/18810/j.html?i=8201
Frame ID: C32435C6B1A6211080B86F0CAEF0A79E
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=192EB506-0FDB-434D-843F-6C95D6ECF57F
Frame ID: CAFEF572AFC970C0B07D321670AF3324
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3541338219267285443
Frame ID: E4B8B8475E5120C1234E9E39256CBFCE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 989D4553E8C4819EAF094C6490158BCB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360529432803473
Frame ID: 52171F0E23E03FADD4B808901D18C059
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 1430A219301DD4539C9760925227C0E0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 80A02B4E30E1A42B9CE5BF4CD4C88D4B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-035f00be-755e-47f0-93a2-a937e68b276a-003
Frame ID: 364136F3A7B56D762040026B91388AD1
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 0DF510AC710F84243AF57B74597BC519
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
Frame ID: 3CB8C9769F05412331AD62BF4E663DA1
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 84CB6BAB497595704B8747F18CA2BB3C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 83E1882BA6FA9A1D07FB391B8F80E076
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Wrsft94G7WPx&pid=557219
Frame ID: 09DD3FBBF63ED9533C756A59A8E4FE58
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ff589604-da6b-4efa-846c-b48544e6cc32-tuct7d8be6b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: C78E571BD1B3C4904521CC118D6684A2
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=192EB506-0FDB-434D-843F-6C95D6ECF57F
Frame ID: E9570CB8AD9A9609CDAD6E2CFC7920AE
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 9FE840EC995EB00AA49E83B305C30EDF
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YN846yknIwQuo6L8HtE.OwAA%261218
Frame ID: 4E377256F224BB9478ECE011361D541B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: CE5BEC11E45392BD53F29D1223A43F2F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: EF96F136AF6B11F2514F6E44E3ECA600
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D42%26key%3D
Frame ID: BE5708B3EAB75A04BF7ACA32546A5E30
Requests: 10 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: DA8B5861D1B981D183351E0BCFA61384
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=55&key=3977922899535124467
Frame ID: 3FDA9CC76537F26ED29AE7CF03F028DD
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=2&key=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306
Frame ID: 256D60CD706B397651E283B0941F90FA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D1%26key%3D
Frame ID: 0FFB6CB4D85174A7EC2CE0CC1776BBBC
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Frame ID: 50B3E1960BD2E8D59D0226638A0AE3E8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 88102BAC8E9D2C77D59C423C7E65F827
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1625241836949
Frame ID: FAC75214A100DC3D80727C5DC36231C6
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2548CA61D6BAFC3A4F6C3A328A3A2BD3
Requests: 1 HTTP requests in this frame

Frame: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 662796085F616C3E615AC2D182FD206F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0716CE766F2A7B362BE003DFCB3DE80B
Requests: 10 HTTP requests in this frame

Frame: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E4EEA3339A95442C15F88B27B6ECC151
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1210B36533EEE4D3B1886832A533CF73
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7FDBC23DDAC7AF09304D21890B289BF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWnb6z3N-jUKY_hzqbhxM2NUxolKcuiD1_9Cpqb5m03nlKPi5dhIx431cc2zMCRqlEMYlzWGE8FQHnzc6PtNplGGuFr89ZK5Q18EKlMIyVZRnMk515MpheBRXniZyn_YGs9tBIySPqd0-RyYnPllRU_Fl5fD1BxUQzXoNIsC-mc4hr0cUQ
Frame ID: 26E1FE831321F1A814B25FC875CC0353
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0C2FB0B087F4445F0B520840E5E214A0
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.refinery29.com
Frame ID: 9B3F94A86C402BB7B2B3704E02683BAF
Requests: 1 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=97609800117603000628852011643024&a=b151b68f
Frame ID: 8B36BC3890F0A00310A271F1318ACAED
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6B41C7B9A23A5B6F526C283E13376EAD
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: BDA315040716DD79F6ED277755B6B5EE
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: DF51775B7294A927383F0193AEB2452E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D0EFA38B260454BA5F644AD26C021335
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.congreso-hidalgo.gob.mx/urls/6jq HTTP 301
    https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
  • script /react.*\.js/i

Page Statistics

447
Requests

99 %
HTTPS

24 %
IPv6

99
Domains

179
Subdomains

127
IPs

11
Countries

4852 kB
Transfer

11952 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.congreso-hidalgo.gob.mx/urls/6jq HTTP 301
    https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.refinery29.com/static/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg HTTP 301
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
Request Chain 28
  • https://bcp.crwdcntrl.net/5/c=5283/rand=988892634/post_title=Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon/post_section_name=/int=www.refinery29.com%20%3A%20site%20section%20%3A%20%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5283/rand=988892634/post_title=Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon/post_section_name=/int=www.refinery29.com%20%3A%20site%20section%20%3A%20%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Request Chain 75
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Request Chain 76
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YN845Dy1BloOg1PpevnFxgAABLUAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YN845Dy1BloOg1PpevnFxgAABLUAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDra46gBg6UbwmJrOSoZOD4&google_cver=1
Request Chain 93
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnFxgAABLUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnFxgAABLUAAAAB&dcc=t
Request Chain 95
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YN845Dy1BloOg1PpevnFxgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YN845Dy1BloOg1PpevnFxgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOHWL8EbT8n-VYY7-jqafxs&google_cver=1&gdpr=1
Request Chain 97
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 121
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=90f160df-38e4-4800-8383-96241e455d63
Request Chain 122
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=y2gYr85gGf3QPU3-mWpRqpxsS_DQbxirnm7QuAyo
Request Chain 123
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=998037746419238237
Request Chain 125
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlhYWI2MzQtY2FmYy02NDU4LTRmMGYtNTkyYmUwZjY0M2M2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlhYWI2MzQtY2FmYy02NDU4LTRmMGYtNTkyYmUwZjY0M2M2&google_tc=
Request Chain 126
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGv4zhGALJutlmyZx-zAbt4&google_cver=1
Request Chain 127
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 131
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnF9wAABG0AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnF9wAABG0AAAIB&dcc=t
Request Chain 132
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YN845Dy1BloOg1PpevnF9wAABG0AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKoowimJC7vGL9nmjkWM84k&google_cver=1
Request Chain 133
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YN845Dy1BloOg1PpevnF9wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJvQCWyIMmt4X_ZE1cXFRr4&google_cver=1&gdpr=1
Request Chain 134
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1627833829
Request Chain 135
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=90f160df-38e4-4800-8383-96241e455d63&gdpr=1&gdpr_consent=
Request Chain 137
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c208d805-7134-479b-b72c-4f52cb6d4eae
Request Chain 140
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4090915419576464172
Request Chain 142
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360503650482321
Request Chain 143
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRkprN0J2bklBQURZZU54SXJQQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 144
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 145
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8275686364 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/59f9e458-333f-4515-97d2-b47fd0fdc293 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003
Request Chain 147
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
Request Chain 149
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 150
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QOiE8iHiK62e&pid=557219
Request Chain 151
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8eee6314-8b97-4315-a65a-4044c0daa0bf-tuct7d8be65&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 152
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q2gborRHSt6fs-68WerGjw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 153
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=90f160df-38e4-4800-8383-96241e455d63
Request Chain 154
  • https://pixel.onaudience.com/?partner=214&mapped=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=59f9e458-333f-4515-97d2-b47fd0fdc293&icm HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bd475aa0910d396dd29e00bfafab09a2
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUI2ODFCQTItQjQ0Ny00QURFLTlGQjMtRUVCQzU5RUFDNjhG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOmnp8f3cZjEZrwz0H6pzI0&google_cver=1
Request Chain 158
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1354727252458488337
Request Chain 159
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:90f160df-38e4-4800-8383-96241e455d63&gdpr=0&gdpr_consent=
Request Chain 160
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59f9e458-333f-4515-97d2-b47fd0fdc293
Request Chain 161
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2490000750454604952&gdpr=0&gdpr_consent=
Request Chain 163
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A.2dPFpE2uXV_tNAMxvLvJfhZb3GD7g-~A&gdpr=0&gdpr_consent=
Request Chain 164
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YN845gACLYuSTQBg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN845gACLYuSTQBg&gdpr=0&gdpr_consent=&_test=YN845gACLYuSTQBg
Request Chain 165
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv
Request Chain 166
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=609b6d99-0e04-46af-8309-54e882fc4e08&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 167
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4573237674140556129&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 169
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6efbef11-202e-49fa-ba2f-393903e7b60a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 170
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 171
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=795841772977288598
Request Chain 172
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a2b022ee-fe94-4465-8fd8-70dd676595c5
Request Chain 180
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 181
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:DIPHcvFK1LZlDW5&gdpr=0&gdpr_consent=
Request Chain 182
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vuYO9089TbdDAFR-6Y7PdVJmE2Q
Request Chain 183
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:96EAD18F3BEA46EE8F109F218D133CA5
Request Chain 185
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&addseg=20
Request Chain 186
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 189
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1872ad88-db4f-11eb-ac00-09df6ac257b8&gdpr=0&gdpr_consent=
Request Chain 191
  • https://bcp.crwdcntrl.net/5/c=5283/rand=809059940/pv=y/int=%23OpR%2350877%23total%20site%20traffic%20%3A%20www.refinery29.com/int=%23OpR%2350878%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20en-us/int=%23OpR%2380091%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon%20%3A%20en-us/rb=%7B%22post_title%22%3A%22Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon%22%7D/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5283/rand=809059940/pv=y/int=%23OpR%2350877%23total%20site%20traffic%20%3A%20www.refinery29.com/int=%23OpR%2350878%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20en-us/int=%23OpR%2380091%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon%20%3A%20en-us/rb=%7B%22post_title%22%3A%22Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon%22%7D/rt=ifr
Request Chain 235
  • https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=39878&cs_ucfr=1&ns__t=1625241834857&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D39878%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DBE&c9=https%3A%2F%2Fwww.refinery29.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=39878&cs_ucfr=1&ns__t=1625241834857&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D39878%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DBE&c9=https%3A%2F%2Fwww.refinery29.com%2F
Request Chain 238
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=3977922899535124467
Request Chain 239
  • https://sync.search.spotxchange.com/partner?source=211945 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=1a2c3bf5-db4f-11eb-86d4-141484330206
Request Chain 240
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP1a1e88f5-db4f-11eb-b06d-02c5fc9f2ed0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP1a1e88f5-db4f-11eb-b06d-02c5fc9f2ed0&verify=true HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-YVCXcLNE2uEtxg.M8LYrVnBnKJXG_qeA~A~UP1a1e88f5-db4f-11eb-b06d-02c5fc9f2ed0
Request Chain 241
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=1a2c3bc1-db4f-11eb-ae3f-1d03a5b20306 HTTP 302
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306
Request Chain 260
  • https://c1.adform.net/serving/cookie/match?party=14&cid=192EB506-0FDB-434D-843F-6C95D6ECF57F HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=192EB506-0FDB-434D-843F-6C95D6ECF57F
Request Chain 261
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKGgwZPto8Fp7owNmgZvNPQ&google_cver=1
Request Chain 263
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=951408994814211034
Request Chain 264
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3541338219267285443
Request Chain 265
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&gdpr=0&gdpr_consent=
Request Chain 266
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=823f8fa7-c618-4b4b-97f6-a31c58acde0d
Request Chain 268
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2144464562938829969&gdpr=0&gdpr_consent=
Request Chain 269
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QCaufkUur3pbI6h5F3TnfBcu_ylbJP4qQyRsmIWN
Request Chain 270
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360529432803473
Request Chain 271
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEbk1rN0J2bklBQURaNk5JWkNUQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 272
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3ee99065-9305-4d2d-9ad4-a465882cccea&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 273
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 274
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 275
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6684494320 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/823f8fa7-c618-4b4b-97f6-a31c58acde0d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-035f00be-755e-47f0-93a2-a937e68b276a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-035f00be-755e-47f0-93a2-a937e68b276a-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-035f00be-755e-47f0-93a2-a937e68b276a-003
Request Chain 277
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
Request Chain 278
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2144464562938829969
Request Chain 280
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 281
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_6a2a9a53-17eb-4f54-a151-eb0298946e7b
Request Chain 282
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Wrsft94G7WPx&pid=557219
Request Chain 283
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ff589604-da6b-4efa-846c-b48544e6cc32-tuct7d8be6b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GS61Bg_bQ02EP2yV1uz1fw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 286
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e52960df-38eb-4a00-95db-9625d3a2bf1e
Request Chain 287
  • https://pixel.onaudience.com/?partner=214&mapped=192EB506-0FDB-434D-843F-6C95D6ECF57F HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=8aebff32ac92360e7c9ab4865644fb9e HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=c1ea65bbb22ac0fe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d7ef4d51-34a1-4d6e-579e-3bc47f95603a&reqId=8f2a2bc9-4cea-4121-7679-aefcc3a79d38&zcluid=c1ea65bbb22ac0fe&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEPOB52EpI8VfDnynxaP-_9c&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d7ef4d51-34a1-4d6e-579e-3bc47f95603a&reqId=8f2a2bc9-4cea-4121-7679-aefcc3a79d38&zcluid=c1ea65bbb22ac0fe&zdid=1332
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTkyRUI1MDYtMEZEQi00MzRELTg0M0YtNkM5NUQ2RUNGNTdG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 290
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=192EB506-0FDB-434D-843F-6C95D6ECF57F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YafBeklE2uV6QY_.OZXED187QW4wqS0-~A&gdpr=0&gdpr_consent=
Request Chain 291
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YN846wACLYcDBwBg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN846wACLYcDBwBg&gdpr=0&gdpr_consent=&_test=YN846wACLYcDBwBg
Request Chain 292
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d428f45f-a10f-43a8-b785-1a168448b744&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=302c5313-e773-454b-af56-c094c9ff95de&expires=1&user_group=5&ssp=pubmatic&bsw_param=d428f45f-a10f-43a8-b785-1a168448b744 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d428f45f-a10f-43a8-b785-1a168448b744&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 293
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6950569829880617825&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 300
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Request Chain 306
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.refinery29.com%2F&domain=www.refinery29.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=HFaFt3x6VlkvbmdDR0txaFBBSU8ydGFZSlc3aVFqMlNsR2U5UVFBdm1nUCs5NzFKanM5aCthNERWdk55dE5NY3RSNG9yTWxiS2hCaU11NnZhR2VvZmJ4SERoOTZzbzNnN1dPN3ovU0pOb3UxT0U4YWlMOUdMM3oyamgvZXNJOHVRdHgwdnVpaFFwMVpVQnZ1M0FKenh4OTBjbHlLend2UEJFeUlGSndZbUhBNUozbXYyeU1VNTNOY1lDS0EzWldleXRSMWdERUdLZzJIaEI2Y2NFdmJEakpNOVJ4NE9XMldiREY5aGhQU1ZLblhBOVpyTUo2cDVNM1BBSkRTYTNZTDludXJ0fA&cppv=2
Request Chain 330
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Request Chain 331
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YN846yknIwQuo6L8HtE.OwAA%261218
Request Chain 332
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 333
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323548&extuid=3977922899535124467
Request Chain 336
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 339
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=55&key=3977922899535124467
Request Chain 340
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=2&key=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306
Request Chain 342
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Request Chain 349
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YN846yknIwQuo6L8HtE.OwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOtZTrmOQ1hMcx2jwuNj68I&google_cver=1&gdpr=1&google_hm=2
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YN846yknIwQuo6L8HtE-OwAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB89Jpzt9C3A66Ldo15a39Y&google_cver=1
Request Chain 352
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN846yknIwQuo6L8HtE-OwAABMIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN846yknIwQuo6L8HtE-OwAABMIAAAIB&dcc=t
Request Chain 354
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=8TUBqfQ9AK3qMAeupmdIq6Y9UP7qN1H98je49g8s
Request Chain 355
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c8d2021e-6ac2-4429-a5e6-0c3a670122b3&expiration=1656777838
Request Chain 356
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5be9be47-291e-4f75-9c32-173e0cdb202c
Request Chain 374
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6950569829880617825
Request Chain 377
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1625328237&gdpr=1
Request Chain 379
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6033b807-9f32-44f9-a9d7-866259b87586
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtZTrmOQ1hMcx2jwuNj68I&google_cver=1
Request Chain 403
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YN846yknIwQuo6L8HtE.OwAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YN846yknIwQuo6L8HtE.OwAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK8cB3f2fYsLsug-60Cg3pQ&google_cver=1&google_hm=2
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOu2rtft1hIarpJUShS7pQU&google_cver=1
Request Chain 405
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk3NzkyMjg5OTUzNTEyNDQ2Nw%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk3NzkyMjg5OTUzNTEyNDQ2Nw%3D%3D&google_tc=
Request Chain 418
  • https://hal900024.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=442dc696f4&subid=&uid=3f4ae470f3ced5d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWIiB7TjfYMHoCci83gPevIOICbv6hIpX7Yut3P0J8C4QASCFzOYxYLn4x4DcAcgBCakCmx3TxmTVsz6oAwGqBNgBT9B07TXa719VoKvj7rfYCXLGG4fehLlptcUiGOlxgG3LCdKaibX9cB2CSpXFUdWp04_RR1TvPWjg4DSnpI1uMMnDJByOVdSlvJv7KDXE6bGtuxgyFRz3ySdYOZTF5Po_Aabht00ft8swYz2wFhV779yf5cY8S9shybf9PCQxJB9Lp0-oBY5TTw9tkM_orQ78VXPvSTBUTAmWppZvqEZCR0fiOUl3Vp3zu62AEcg_TRlOi2v1s02JYfC9OqU6U7ZcoS4f_3G1qT62FgJUKqJv5AF0T7Ncg4CRwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTExNDczNzE1MzA5NjM4NDSACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoezRr60xV4S2i7AVEKoJiOA%26sig%3DAOD64_3HrJckP_mrsWZBTZ-_FA371kZWUA%26client%3Dca-pub-5616046187545019%26dbm_c%3DAKAmf-DXVFnWoCYQ6gpRe9ei2BQAw2jBtvmqeD-fP-lTol348aNZB63zw_yU4izMHMBv_ZTG0hM-bQ62_V3LWMTL5yVgXGltd072LxHcCjVk8F5QngxoJGZT7WIlOxWoSjY2bxtcUlEi-WX_EQcddNYc4fjzs7w95w%26cry%3D1%26dbm_d%3DAKAmf-CxtS2q4-fKfjqnmh_DEGLwVkXFoEjGbeMMd9x-tbKrrv8w0kLzXy7TFhkcUjWQHkcL0Ti7W5_iyiqTuCISC-C212Y4Dwr6zUysFz1k_mST_qS0_vldHiyKnAH4jJ7tmNKH-37ceuVIO0exp1IUJHTklIiuLtA0mkPtQJuMLpkfRKLqVZvcXf1iSJOs2XaKqEUqCdWOMPWMyw4MhbXOr19uvytKmD7HtBVCpyG2-6fMfPMZ1EOTh1AgM40k74J9tGp4iao0-zqXLYfTCVL2xA-LhttBBX4g79ZQjDYj3RIv0UYNaXIc0Im00iQVRqRZ5dnudRF7wxn7ApAUBq1PdsSWvdpG9NBEatTahIdyxpKw2yvjSndtzKjM38DKvZjP8Gku9cAFLTfgYfzRZQmOaO28ebQqkQwIpgXXmcSJAtYbLUC2kUxfFC0_ufDLtwB3M0OiFZLN%26adurl%3D&documentReferer=https%3A%2F%2Fwww.refinery29.com%2F&ancestorOrigins=https%3A%2F%2Fwww.refinery29.com%2Chttps%3A%2F%2Fwww.refinery29.com&random=5824645767016&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900024.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=442dc696f4&subid=&uid=3f4ae470f3ced5d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWIiB7TjfYMHoCci83gPevIOICbv6hIpX7Yut3P0J8C4QASCFzOYxYLn4x4DcAcgBCakCmx3TxmTVsz6oAwGqBNgBT9B07TXa719VoKvj7rfYCXLGG4fehLlptcUiGOlxgG3LCdKaibX9cB2CSpXFUdWp04_RR1TvPWjg4DSnpI1uMMnDJByOVdSlvJv7KDXE6bGtuxgyFRz3ySdYOZTF5Po_Aabht00ft8swYz2wFhV779yf5cY8S9shybf9PCQxJB9Lp0-oBY5TTw9tkM_orQ78VXPvSTBUTAmWppZvqEZCR0fiOUl3Vp3zu62AEcg_TRlOi2v1s02JYfC9OqU6U7ZcoS4f_3G1qT62FgJUKqJv5AF0T7Ncg4CRwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTExNDczNzE1MzA5NjM4NDSACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoezRr60xV4S2i7AVEKoJiOA%26sig%3DAOD64_3HrJckP_mrsWZBTZ-_FA371kZWUA%26client%3Dca-pub-5616046187545019%26dbm_c%3DAKAmf-DXVFnWoCYQ6gpRe9ei2BQAw2jBtvmqeD-fP-lTol348aNZB63zw_yU4izMHMBv_ZTG0hM-bQ62_V3LWMTL5yVgXGltd072LxHcCjVk8F5QngxoJGZT7WIlOxWoSjY2bxtcUlEi-WX_EQcddNYc4fjzs7w95w%26cry%3D1%26dbm_d%3DAKAmf-CxtS2q4-fKfjqnmh_DEGLwVkXFoEjGbeMMd9x-tbKrrv8w0kLzXy7TFhkcUjWQHkcL0Ti7W5_iyiqTuCISC-C212Y4Dwr6zUysFz1k_mST_qS0_vldHiyKnAH4jJ7tmNKH-37ceuVIO0exp1IUJHTklIiuLtA0mkPtQJuMLpkfRKLqVZvcXf1iSJOs2XaKqEUqCdWOMPWMyw4MhbXOr19uvytKmD7HtBVCpyG2-6fMfPMZ1EOTh1AgM40k74J9tGp4iao0-zqXLYfTCVL2xA-LhttBBX4g79ZQjDYj3RIv0UYNaXIc0Im00iQVRqRZ5dnudRF7wxn7ApAUBq1PdsSWvdpG9NBEatTahIdyxpKw2yvjSndtzKjM38DKvZjP8Gku9cAFLTfgYfzRZQmOaO28ebQqkQwIpgXXmcSJAtYbLUC2kUxfFC0_ufDLtwB3M0OiFZLN%26adurl%3D&documentReferer=https%3A%2F%2Fwww.refinery29.com%2F&ancestorOrigins=https%3A%2F%2Fwww.refinery29.com%2Chttps%3A%2F%2Fwww.refinery29.com&random=5824645767016&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 423
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGV6WZvy7rDQGHRY3ciQ4Cg&google_cver=1&google_push=AYg5qPIwjYXypmvQB2l2-WgoVxdIftSg0F3go8obZj74kSb5hMc6zSev5Xu21lJwNWkEbOVWFGwX0f5kBxHFzW9S91NnQgGMD5U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkyNjkyNzAzMTM0ODU1MDQ5Nw== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELhxREj_lqrnXJChU-tK_nk&google_cver=1
Request Chain 424
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBOng4IFzXnSx7nQrQzxAqg&google_cver=1&google_push=AYg5qPK36inmZsFEQT1zIa-SM5gPkCLh6gpdhtHeJgExoYxc517sBERmchP16SmOzZQBZINP9o4KpH8ar20Jtyc8qDzpZjALoiA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOng4IFzXnSx7nQrQzxAqg&google_push=AYg5qPK36inmZsFEQT1zIa-SM5gPkCLh6gpdhtHeJgExoYxc517sBERmchP16SmOzZQBZINP9o4KpH8ar20Jtyc8qDzpZjALoiA
Request Chain 426
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEHsyzm7m7ONnt2gD-ORaXWM&google_cver=1&google_push=AYg5qPKj8PLmstVpSGQX37o46m3Fg7CMlWFm8aEVvGbz7jVVjcj5ISmtFxLfQ_dgpPyib9awLxWgWRALLoDjoGqTA7cgSFmRGY2I HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEHsyzm7m7ONnt2gD-ORaXWM&google_cver=1&google_push=AYg5qPKj8PLmstVpSGQX37o46m3Fg7CMlWFm8aEVvGbz7jVVjcj5ISmtFxLfQ_dgpPyib9awLxWgWRALLoDjoGqTA7cgSFmRGY2I&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=MxaimmxQS3ud2C_CEClihg&gdpr=1&gdpr_consent=
Request Chain 427
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENGN72KQuVTqaIKRwgJM5h0&google_cver=1&google_push=AYg5qPIPw3O1A1BwdopdsoUMLPasdbkXQ99iRl0eQlTGvBhdLaPz2bfjL4Dk3eOde3VqGnjl97HIX5ZbyeTdKubIcTSvAGKLB_za HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENGN72KQuVTqaIKRwgJM5h0&google_cver=1&google_push=AYg5qPIPw3O1A1BwdopdsoUMLPasdbkXQ99iRl0eQlTGvBhdLaPz2bfjL4Dk3eOde3VqGnjl97HIX5ZbyeTdKubIcTSvAGKLB_za HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPw3O1A1BwdopdsoUMLPasdbkXQ99iRl0eQlTGvBhdLaPz2bfjL4Dk3eOde3VqGnjl97HIX5ZbyeTdKubIcTSvAGKLB_za&google_hm=60lHirY6R92IceKIPqw7Qg==
Request Chain 429
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMO0O2tNNhilxXiUQA5cQwc&google_cver=1&google_push=AYg5qPKCBTbcGrVW94aExVXESn6mmGLJ_ElrP0CsDoDjAwMhjeN2NuUOps-ejccbiWlhbKG8p6VcH4fLqmZR0GD3oNAWAMBsYOc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKCBTbcGrVW94aExVXESn6mmGLJ_ElrP0CsDoDjAwMhjeN2NuUOps-ejccbiWlhbKG8p6VcH4fLqmZR0GD3oNAWAMBsYOc

447 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
www.refinery29.com/en-us/
Redirect Chain
  • http://www.congreso-hidalgo.gob.mx/urls/6jq
  • https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
114 KB
32 KB
Document
General
Full URL
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
84e5ec7f19575223d5e52b59337e0d7238c7e21af8dc4e3ec0e913a2ad759103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.refinery29.com
:scheme
https
:path
/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
cache-control
max-age=7200
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-backend
157.52.99.68
accept-ranges
bytes
date
Fri, 02 Jul 2021 16:03:46 GMT
age
7374
x-served-by
cache-bwi5168-BWI, cache-hhn4041-HHN
x-cache
HIT, HIT
x-cache-hits
1, 1
x-timer
S1625241826.481763,VS0,VE1
vary
Accept-Encoding
x-geolocation
BE
x-country-code
BE
x-geoip-country-code
BE
x-geoip-region-code
VAN
x-ua-device
desktop
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
set-cookie
X-GeoIP-Country-Code=BE; path=/; X-GeoIP-Region-Code=VAN; path=/;
content-length
32656

Redirect headers

Date
Fri, 02 Jul 2021 16:03:46 GMT
Server
Apache/2.4.23 (Unix) OpenSSL/1.0.2h PHP/5.5.38 mod_perl/2.0.8-dev Perl/v5.16.3
X-Powered-By
PHP/5.5.38
Location
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
vice-ad-lib.js
vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/
169 KB
54 KB
Script
General
Full URL
https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89b21e69ab4d73a2f4676d62d6fa47fe4c2f6a21239ef20bcb628f50316e5cb8

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
content-encoding
gzip
x-backend
157.52.99.61
age
112972
via
1.1 varnish, 1.1 varnish
x-geoip-region-code
VAN
x-cache
HIT, HIT
access-control-max-age
3000
x-cache-hits
1, 1
content-length
54798
x-amz-id-2
1nvmpmM7aGoyNNeGNm2Anrk8YEHE+ZgmTPxsJvcuplQPsXT1J+iEj1sQDpa422jMlpMpuMO83dM=
x-served-by
cache-bwi5161-BWI, cache-fra19168-FRA
last-modified
Thu, 03 Jun 2021 15:52:53 GMT
server
AmazonS3
x-timer
S1625241827.563966,VS0,VE1
etag
"8220def907616832e06bab2953af1f0e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET,OPTIONS,HEAD
x-amz-request-id
6KNQ95P7ZGNDAWM0
access-control-allow-origin
*
cache-control
max-age=604800, public, must-revalidate
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
Origin
x-geoip-country-code
BE
cc.js
tags.crwdcntrl.net/c/5283/
66 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/c/5283/cc.js?ns=_cc5283
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-129.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
295a5b6bc90a379ca00d7887c5d42f06184aa14561e4e03549d4a0a808c74d6c

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 11:16:24 GMT
content-encoding
gzip
etag
W/"063c44ee213a474c5021c061f62fd037"
last-modified
Fri, 01 May 2020 15:45:19 GMT
server
AmazonS3
age
57976
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
QgTm_dogK1Vh0C5wf0u-5CXMvkQa8VOTKi7Y_3ymL0uqPenrKGriIw==
styles.883f3d0a3f933cc04287.css
www.refinery29.com/assets/
303 KB
51 KB
Stylesheet
General
Full URL
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
86be0cca0343bf694250198cf44ef0067171c63835751e738d88ebee314a24ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/styles.883f3d0a3f933cc04287.css
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.54
age
684738
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 5
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
52172
x-xss-protection
1; mode=block
x-served-by
cache-bwi5154-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 17:37:43 GMT
x-timer
S1625241827.514225,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
d27ad8510dcf0eef13f6419f4f9a76e6.svg
www.refinery29.com/assets/
3 KB
2 KB
Image
General
Full URL
https://www.refinery29.com/assets/d27ad8510dcf0eef13f6419f4f9a76e6.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
89f9523ed6ee42db29969af142573a35a677d32f880875f4a0ca50c894d9faf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/d27ad8510dcf0eef13f6419f4f9a76e6.svg
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.56
age
4089864
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
1166
x-xss-protection
1; mode=block
x-served-by
cache-bwi5156-BWI, cache-hhn4041-HHN
last-modified
Wed, 12 May 2021 16:46:55 GMT
x-timer
S1625241827.605919,VS0,VE1
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
rebecca-bonbon.jpg
www.refinery29.com/bin/entry/1ca/x/60188/
Redirect Chain
  • https://www.refinery29.com/static/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
  • https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
0
0

a70678be6c693f8a9915bec2fa49ee49.svg
www.refinery29.com/assets/
6 KB
3 KB
Image
General
Full URL
https://www.refinery29.com/assets/a70678be6c693f8a9915bec2fa49ee49.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
23c0947572f2ebf64a7de618bfcd053231bf0e5403cd33b3cc4a7f26ab63b145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/a70678be6c693f8a9915bec2fa49ee49.svg
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.71
age
747323
x-geoip-region-code
VAN
x-cache
MISS, HIT
x-ua-device
desktop
x-cache-hits
0, 5
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
2533
x-xss-protection
1; mode=block
x-served-by
cache-bwi5171-BWI, cache-hhn4041-HHN
last-modified
Thu, 17 Jun 2021 14:17:41 GMT
x-timer
S1625241827.606017,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
runtime.9818a1403edced2853ae.js
www.refinery29.com/assets/
3 KB
2 KB
Script
General
Full URL
https://www.refinery29.com/assets/runtime.9818a1403edced2853ae.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
132350ee70f4330bcc43d2773e1715fcbdb48838b3d42135854f4a997a48ffb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/runtime.9818a1403edced2853ae.js
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.29
age
684738
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
10, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
1905
x-xss-protection
1; mode=block
x-served-by
cache-bwi5129-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 17:37:43 GMT
x-timer
S1625241827.595061,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
ads.f078cc76091d8e47648c.js
www.refinery29.com/assets/
177 B
544 B
Script
General
Full URL
https://www.refinery29.com/assets/ads.f078cc76091d8e47648c.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ceba3fcb041ce8b7a2ce0758b0f7404f07c12955fa89ae3429d9bd44d90d1999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/ads.f078cc76091d8e47648c.js
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.80
age
689808
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
169
x-xss-protection
1; mode=block
x-served-by
cache-bwi5180-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 16:10:53 GMT
x-timer
S1625241827.605716,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
vendor.ef10d385d2de89999e23.js
www.refinery29.com/assets/
436 KB
158 KB
Script
General
Full URL
https://www.refinery29.com/assets/vendor.ef10d385d2de89999e23.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d670b344e25b5eb3855cab47be4a004ff12027e03d9462751efb14ddd7332145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/vendor.ef10d385d2de89999e23.js
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.58
age
689808
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 1
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
161559
x-xss-protection
1; mode=block
x-served-by
cache-bwi5158-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 16:10:53 GMT
x-timer
S1625241827.605678,VS0,VE1
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
scripts.b54c1eb21aab39c7b3ac.js
www.refinery29.com/assets/
292 KB
98 KB
Script
General
Full URL
https://www.refinery29.com/assets/scripts.b54c1eb21aab39c7b3ac.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d56a977c5da17374230f62a573fddc29445cd6d0b03d077711c635f8f5c379a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/scripts.b54c1eb21aab39c7b3ac.js
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.25
age
684738
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
100185
x-xss-protection
1; mode=block
x-served-by
cache-bwi5125-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 17:37:43 GMT
x-timer
S1625241827.605931,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
b1649921d5adbbccbdcc065dd2474644.svg
www.refinery29.com/assets/
3 KB
1 KB
Image
General
Full URL
https://www.refinery29.com/assets/b1649921d5adbbccbdcc065dd2474644.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da20aad92ff5801fb2533cd2211769e1c39dca54844a9521b33d88654b652f0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/b1649921d5adbbccbdcc065dd2474644.svg
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.refinery29.com
referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.40
age
2095834
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
1247
x-xss-protection
1; mode=block
x-served-by
cache-bwi5140-BWI, cache-hhn4041-HHN
last-modified
Thu, 03 Jun 2021 16:49:03 GMT
x-timer
S1625241827.620043,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
db9b37b065fdbc9f412dcdfe522e581e.svg
www.refinery29.com/assets/
522 B
527 B
Image
General
Full URL
https://www.refinery29.com/assets/db9b37b065fdbc9f412dcdfe522e581e.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed276c4260d06014aaf9d73539a25eecaebb556de926a27a687fcdf62fc23efe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/db9b37b065fdbc9f412dcdfe522e581e.svg
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.refinery29.com
referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.72
age
135998
x-geoip-region-code
VAN
x-cache
MISS, HIT
x-ua-device
desktop
x-cache-hits
0, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
372
x-xss-protection
1; mode=block
x-served-by
cache-bwi5172-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 17:37:43 GMT
x-timer
S1625241827.620009,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
e9204391fe1c1447d82b8d20455a4ec9.svg
www.refinery29.com/assets/
519 B
702 B
Image
General
Full URL
https://www.refinery29.com/assets/e9204391fe1c1447d82b8d20455a4ec9.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd4403ab2efacd25b50b97b137055ec9d17f6be416339e44261ecc4692abb873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/e9204391fe1c1447d82b8d20455a4ec9.svg
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.refinery29.com
referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.72
age
2096065
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
369
x-xss-protection
1; mode=block
x-served-by
cache-bwi5172-BWI, cache-hhn4041-HHN
last-modified
Thu, 03 Jun 2021 16:48:15 GMT
x-timer
S1625241827.619988,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
8ef1aa2d2848dc1fce7f40dbabe19c80.woff2
www.refinery29.com/assets/
25 KB
26 KB
Font
General
Full URL
https://www.refinery29.com/assets/8ef1aa2d2848dc1fce7f40dbabe19c80.woff2
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
18de2f92c4cd97aaf4b2a950859995b681f1b24fad046e04fac3f16ddcd7dc28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.refinery29.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
:path
/assets/8ef1aa2d2848dc1fce7f40dbabe19c80.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.refinery29.com
referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.refinery29.com
Referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-geoip-country-code
BE
x-backend
157.52.99.38
age
1754354
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-geolocation
BE
content-length
25964
x-xss-protection
1; mode=block
x-served-by
cache-bwi5138-BWI, cache-hhn4041-HHN
last-modified
Thu, 03 Jun 2021 16:48:15 GMT
x-timer
S1625241827.619970,VS0,VE1
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-cache-hits
1, 1
18fcc97793839a49e69d57013102e0f7.woff2
www.refinery29.com/assets/
26 KB
27 KB
Font
General
Full URL
https://www.refinery29.com/assets/18fcc97793839a49e69d57013102e0f7.woff2
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f6e41f66e70d5e030908e8f8ce058f35a019aaf6eaeabd216cecc9c01745396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.refinery29.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
:path
/assets/18fcc97793839a49e69d57013102e0f7.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.refinery29.com
referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.refinery29.com
Referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-geoip-country-code
BE
x-backend
157.52.99.55
age
4340350
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-geolocation
BE
content-length
26760
x-xss-protection
1; mode=block
x-served-by
cache-bwi5155-BWI, cache-hhn4041-HHN
last-modified
Wed, 12 May 2021 16:46:04 GMT
x-timer
S1625241827.619957,VS0,VE1
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-cache-hits
1, 1
197dfb7e234fb09ab53f7dfb2b0a8120.woff2
www.refinery29.com/assets/
19 KB
19 KB
Font
General
Full URL
https://www.refinery29.com/assets/197dfb7e234fb09ab53f7dfb2b0a8120.woff2
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8af3e315d35d120dd008e9eb06084091f1358839999e1f5fd452b9949d9776b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.refinery29.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
:path
/assets/197dfb7e234fb09ab53f7dfb2b0a8120.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.refinery29.com
referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.refinery29.com
Referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-geoip-country-code
BE
x-backend
157.52.99.64
age
1514710
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-geolocation
BE
content-length
19144
x-xss-protection
1; mode=block
x-served-by
cache-bwi5164-BWI, cache-hhn4041-HHN
last-modified
Thu, 03 Jun 2021 16:49:03 GMT
x-timer
S1625241827.624063,VS0,VE1
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-cache-hits
3, 1
2b15e0993401ca83e55190edcdc9e5a6.woff2
www.refinery29.com/assets/
19 KB
19 KB
Font
General
Full URL
https://www.refinery29.com/assets/2b15e0993401ca83e55190edcdc9e5a6.woff2
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0f28701b83871db34ce9710c05825f96bcb773cb6d86874e4999af81f59976d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.refinery29.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
:path
/assets/2b15e0993401ca83e55190edcdc9e5a6.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.refinery29.com
referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.refinery29.com
Referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-geoip-country-code
BE
x-backend
157.52.99.29
age
132897
x-geoip-region-code
VAN
x-cache
MISS, HIT
x-ua-device
desktop
x-geolocation
BE
content-length
19628
x-xss-protection
1; mode=block
x-served-by
cache-bwi5129-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 17:38:17 GMT
x-timer
S1625241827.711686,VS0,VE1
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-cache-hits
0, 1
vice-ad-lib-refinery29-master-config.json
vice-staging-web-statics-cdn.viceops.net/vendor/ad-lib/refinery29/
20 KB
2 KB
Fetch
General
Full URL
https://vice-staging-web-statics-cdn.viceops.net/vendor/ad-lib/refinery29/vice-ad-lib-refinery29-master-config.json
Requested by
Host: vice-web-statics-cdn.vice.com
URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e0bf78091b6d41efcb26d970994b0403a9ca35c540e37c729676282eb30f9a7

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
content-encoding
gzip
x-backend
157.52.99.55
age
26
via
1.1 varnish, 1.1 varnish
x-geoip-region-code
VAN
x-cache
HIT, HIT
access-control-max-age
3000
x-cache-hits
1, 2
content-length
1463
x-amz-id-2
fQsIK1RkITzaW0j2Xkn7hMalySBotUeTEThab+ukf9CJD5EjAG4Bw4trgYxAAZU9tuJF25r85lY=
x-served-by
cache-bwi5155-BWI, cache-fra19155-FRA
last-modified
Thu, 03 Jun 2021 15:52:48 GMT
server
AmazonS3
x-timer
S1625241827.848395,VS0,VE0
etag
"ee42a6075e882d6ee561ffcacd656a68"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET,OPTIONS,HEAD
x-amz-request-id
1H9720XBQ47A7KGD
access-control-allow-origin
*
cache-control
max-age=55
accept-ranges
bytes
content-type
application/json
access-control-allow-headers
Origin
x-geoip-country-code
BE
raven-js.cf4ec74eead38419e8bc.js
www.refinery29.com/assets/
15 KB
7 KB
Script
General
Full URL
https://www.refinery29.com/assets/raven-js.cf4ec74eead38419e8bc.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/runtime.9818a1403edced2853ae.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0211373f81969f94f38b469f296ed0f9bdb49e25f9b2198fe27cff81f69d07b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/raven-js.cf4ec74eead38419e8bc.js
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.35
age
689808
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
6700
x-xss-protection
1; mode=block
x-served-by
cache-bwi5135-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 16:10:53 GMT
x-timer
S1625241827.854254,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
32.255adfb5631c9c073de7.js
www.refinery29.com/assets/
892 B
835 B
Script
General
Full URL
https://www.refinery29.com/assets/32.255adfb5631c9c073de7.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/runtime.9818a1403edced2853ae.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
92a4971ae47eb037307e17f0bbcc41d312a2181dae5d1e0df302b1e06ea8aa71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/32.255adfb5631c9c073de7.js
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.80
age
689808
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
571
x-xss-protection
1; mode=block
x-served-by
cache-bwi5180-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 16:10:53 GMT
x-timer
S1625241827.854418,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
31.dcf16449606203056e7b.js
www.refinery29.com/assets/
917 B
656 B
Script
General
Full URL
https://www.refinery29.com/assets/31.dcf16449606203056e7b.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/runtime.9818a1403edced2853ae.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
61080b98536b5045037b7bf361a8a452649b6b59e83a868c2a8045bd051e4c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/31.dcf16449606203056e7b.js
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.38
age
689808
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
547
x-xss-protection
1; mode=block
x-served-by
cache-bwi5138-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 16:10:53 GMT
x-timer
S1625241827.854382,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
uc.js
consent.cookiebot.com/
72 KB
17 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=26a1933b-7853-45d5-a491-f3f2d34eb23b&culture=EN
Requested by
Host: vice-web-statics-cdn.vice.com
URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1d98f8c7fc5e855c620d9b8f0c9094b7d66777ce9706bf970c7bad399cd3381c

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 11:08:49 GMT
server
Microsoft-IIS/10.0
etag
"8036e622d76cd71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=271
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges
bytes
content-length
17507
expires
Fri, 02 Jul 2021 16:08:17 GMT
184607-3792555493405.js
js-sec.indexww.com/ht/p/
130 KB
37 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/184607-3792555493405.js
Requested by
Host: vice-web-statics-cdn.vice.com
URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
08623e37a99882f5ed8feec7beb0bdc8a55742d8a65af3599ea08889c03fd7f4

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Jul 2021 16:00:24 GMT
Server
Apache
ETag
"9033f2-20931-5c6260db3bb86"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
37747
Expires
Fri, 02 Jul 2021 17:03:47 GMT
channels.cgi
vmg-ash.gscontxt.net/multizone/
1 KB
1 KB
Script
General
Full URL
https://vmg-ash.gscontxt.net/multizone/channels.cgi?url=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Requested by
Host: vice-web-statics-cdn.vice.com
URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
129.213.193.172 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
7361ffd3db7b17d11ee47213d9492a977f233a0768dffd9c0254702b1c329960

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1239
Content-Type
application/javascript
react_intl_en.57af45450564a5305409.js
www.refinery29.com/assets/
7 KB
1 KB
Script
General
Full URL
https://www.refinery29.com/assets/react_intl_en.57af45450564a5305409.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/runtime.9818a1403edced2853ae.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
492495e9e680b7bfd951e115b400497f16c2c8f9dc7ac291acaefc9a040a1990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/react_intl_en.57af45450564a5305409.js
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.30
age
689808
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
1227
x-xss-protection
1; mode=block
x-served-by
cache-bwi5130-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 16:10:53 GMT
x-timer
S1625241827.896607,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
ns.html
www.googletagmanager.com/ Frame 673E
268 B
275 B
Document
General
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-PBVC7CQ
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/scripts.b54c1eb21aab39c7b3ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.googletagmanager.com
:scheme
https
:path
/ns.html?id=GTM-PBVC7CQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

content-type
text/html; charset=UTF-8
content-encoding
br
vary
*
date
Fri, 02 Jul 2021 16:03:46 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
server
Google Tag Manager
content-length
92
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
article.dccab9d15ffc095b6c29.js
www.refinery29.com/assets/
420 KB
145 KB
Script
General
Full URL
https://www.refinery29.com/assets/article.dccab9d15ffc095b6c29.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/runtime.9818a1403edced2853ae.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06754109cf2f4c003217a82b0b49ef07788e288b44374def0d55f7f6327737c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/article.dccab9d15ffc095b6c29.js
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:46 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.32
age
684656
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
2, 1
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
148348
x-xss-protection
1; mode=block
x-served-by
cache-bwi5132-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 17:37:43 GMT
x-timer
S1625241827.932525,VS0,VE1
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
/
d5i9o0tpq9sa1.cloudfront.net/
43 B
523 B
Image
General
Full URL
https://d5i9o0tpq9sa1.cloudfront.net/?a=c3fe83a41f914e2ab20318edfeb13849
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:48 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Last-Modified
Mon, 22 Apr 2013 19:31:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache
RefreshHit from cloudfront
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
ShBkbU6iA3JsZh185Yf_6-_9VpLaiGQjl2BmMjE7Q2UgpY4eXymtsg==
int=www.refinery29.com%20%3A%20site%20section%20%3A%20%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
bcp.crwdcntrl.net/5/ct=y/c=5283/rand=988892634/post_title=Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon/post_section_name=/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5283/rand=988892634/post_title=Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon/post_section_name=/int=www.refinery29.com%20%3A%20sit...
  • https://bcp.crwdcntrl.net/5/ct=y/c=5283/rand=988892634/post_title=Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon/post_section_name=/int=www.refinery29.com%20%3A%...
0
0
Image
General
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=5283/rand=988892634/post_title=Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon/post_section_name=/int=www.refinery29.com%20%3A%20site%20section%20%3A%20%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/5/ct=y/c=5283/rand=988892634/post_title=Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon/post_section_name=/int=www.refinery29.com%20%3A%20site%20section%20%3A%20%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
cache-control
no-cache
x-server
10.45.22.134
content-length
0
expires
0
cc.js
consent.cookiebot.com/26a1933b-7853-45d5-a491-f3f2d34eb23b/
303 KB
76 KB
Script
General
Full URL
https://consent.cookiebot.com/26a1933b-7853-45d5-a491-f3f2d34eb23b/cc.js?renew=false&referer=www.refinery29.com&culture=EN&dnt=false&forceshow=false&cbid=26a1933b-7853-45d5-a491-f3f2d34eb23b&brandid=CookieConsent&framework=
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=26a1933b-7853-45d5-a491-f3f2d34eb23b&culture=EN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
893a6d7cdfeccfb53593a24522b8fe543dbb9d58cf25e593134b04df737bbcfe

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 16:03:47 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
access-control-allow-headers
cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
76797
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
ecbe91fe-1e87-40e3-99b1-49179fd6673c
player.ex.co/player/
623 KB
186 KB
Script
General
Full URL
https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/article.dccab9d15ffc095b6c29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ad7f0af3ee47cdc38859bad1450767a136cccb0e031f2ac08fb478f34e4b3af7

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
content-encoding
gzip
age
0
x-cache
HIT, MISS
access-control-max-age
600
content-length
189993
x-served-by
cache-dca17724-DCA, cache-fra19144-FRA
access-control-allow-origin
*
server
nginx
x-timer
S1625241827.111413,VS0,VE95
etag
W/"9ba8e-5eSulOsZ53fZbElhpjT9DR1rotQ"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1, 0
swiper.cd834c2299ff1926e7bd.js
www.refinery29.com/assets/
90 KB
29 KB
Script
General
Full URL
https://www.refinery29.com/assets/swiper.cd834c2299ff1926e7bd.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/runtime.9818a1403edced2853ae.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
018192dc51109d6eee66295993dbd0ea41d4f555e822a841de6c9cd4f6fbc9d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/swiper.cd834c2299ff1926e7bd.js
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN; R29_CEXP_V1=[]
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.76
age
689808
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
1, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
29887
x-xss-protection
1; mode=block
x-served-by
cache-bwi5176-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 16:10:53 GMT
x-timer
S1625241827.063819,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
10557373.jpg
www.refinery29.com/images/
4 KB
4 KB
Image
General
Full URL
https://www.refinery29.com/images/10557373.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e35ca1a15fb5e4ea40f5cd6e8ba9ae2546fdf6e589d35f7e2caf47cb12c5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/10557373.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN; R29_CEXP_V1=[]
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.96.71
age
67471
x-geoip-region-code
VAN
x-cache
HIT, HIT
fastly-io-info
ifsz=1765652 idim=1709x2052 ifmt=jpeg ofsz=3828 odim=140x168 ofmt=webp
x-ua-device
desktop
x-cache-hits
1, 1
fastly-stats
io=1
x-geolocation
BE
content-length
3828
x-xss-protection
1; mode=block
x-served-by
cache-sjc10071-SJC, cache-hhn4041-HHN
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-timer
S1625241827.100182,VS0,VE1
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, public, immutable
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
10556823.jpg
www.refinery29.com/images/
4 KB
4 KB
Image
General
Full URL
https://www.refinery29.com/images/10556823.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
59baab146d327cae9a561c7af606700a5c2945a24cf30a0d4e175f8895b4107c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/10556823.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN; R29_CEXP_V1=[]
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.96.83
age
67471
x-geoip-region-code
VAN
x-cache
HIT, HIT
fastly-io-info
ifsz=1947419 idim=1836x2204 ifmt=jpeg ofsz=3816 odim=140x168 ofmt=webp
x-ua-device
desktop
x-cache-hits
1, 1
fastly-stats
io=1
x-geolocation
BE
content-length
3816
x-xss-protection
1; mode=block
x-served-by
cache-sjc10083-SJC, cache-hhn4041-HHN
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-timer
S1625241827.100182,VS0,VE1
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, public, immutable
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
10555368.jpg
www.refinery29.com/images/
4 KB
4 KB
Image
General
Full URL
https://www.refinery29.com/images/10555368.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
71f5d45a5b58d9a8e981a880f3f3a688de7b944cb69d40b95dbf52a23ca718cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/images/10555368.jpg?format=webp&width=140&height=168&quality=85&crop=5%3A6
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN; R29_CEXP_V1=[]
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.96.57
age
120857
x-geoip-region-code
VAN
x-cache
HIT, HIT
fastly-io-info
ifsz=1321309 idim=1362x1634 ifmt=jpeg ofsz=3862 odim=140x168 ofmt=webp
x-ua-device
desktop
x-cache-hits
1, 1
fastly-stats
io=1
x-geolocation
BE
content-length
3862
x-xss-protection
1; mode=block
x-served-by
cache-sjc10057-SJC, cache-hhn4041-HHN
last-modified
Tue, 01 Jan 2019 00:00:00 GMT
x-timer
S1625241827.100128,VS0,VE1
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000, public, immutable
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
c5978d8cfc0a8ce2373e33980dd34486.svg
www.refinery29.com/assets/
481 B
682 B
Image
General
Full URL
https://www.refinery29.com/assets/c5978d8cfc0a8ce2373e33980dd34486.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1272dca7cfd9ed1d1335d738a2fe09be6cebccec87fabe2b3d4dc111abc43a98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/c5978d8cfc0a8ce2373e33980dd34486.svg
pragma
no-cache
cookie
X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN; R29_CEXP_V1=[]
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.refinery29.com
referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-backend
157.52.99.33
age
1957977
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-cache-hits
2, 4
x-geolocation
BE
content-encoding
gzip
vary
Accept-Encoding
content-length
274
x-xss-protection
1; mode=block
x-served-by
cache-bwi5133-BWI, cache-hhn4041-HHN
last-modified
Thu, 03 Jun 2021 16:49:03 GMT
x-timer
S1625241827.100107,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
accept-ranges
bytes
x-country-code
BE
x-geoip-country-code
BE
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98ccd33e523985efa588344a13932892db38b1335243f989dd366450db8ea68d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
973 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/vendor.ef10d385d2de89999e23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1342
date
Fri, 02 Jul 2021 15:41:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 02 Jul 2021 17:41:25 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cb1fb7abc14c9f0c1aebb5358667d989c94169f5c130d4a22e1ae1f543df395

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&aip=1&a=531733239&t=pageview&_s=1&dl=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&dp=%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&ul=en-us&de=UTF-8&dt=Yuko%20Shimizu%20Debuts%20Rebecca%20Bonbon-%20Latest%20It-Character%20From%20the%20Creator%20of%20Hello%20Kitty.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGAACAABB~&cid=870130039.1625241827&tid=UA-315022-1&_gid=1473175819.1625241827&cd7=870130039.1625241827&cg1=entry.article&cg2=Politics&cd4=2011-07-27&cd5=19587&cd6=Gina%20Marinelli&cd19=0&z=412055933
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 07:04:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32347
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
events
prd-collector-anon.ex.co/main/
0
138 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:47 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/
2 KB
644 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 14:52:51 GMT
server
ESF
date
Fri, 02 Jul 2021 16:03:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jul 2021 16:03:47 GMT
events
prd-collector-anon.ex.co/main/
0
138 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:47 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
hls.min.js
player.avplayer.com/script/2/2.55/libs/
247 KB
71 KB
Script
General
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uzg4smcUyUdWef64hHqkVmexb85uQtozqglSdLDYlq0y4WzGiRoCxPq02FU-Y5pBb8g369Z-mWegPyPvosNsY8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 02 Jul 2021 16:08:47 GMT
truncated
/
548 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
902dde5c61e28b2ea557a81ff2d3a2be505654f7a8d74b35c52410f47dc75f66

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
484 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
478 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
365 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04b2684e2a85ed8bf65eb0e6a3b4d942ebe82fcec4169bf3b322b9ad06f6565f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ecbe91fe-1e87-40e3-99b1-49179fd6673c_1585251920593.png
cdn.playbuzz.com/logos/
26 KB
18 KB
Image
General
Full URL
https://cdn.playbuzz.com/logos/ecbe91fe-1e87-40e3-99b1-49179fd6673c_1585251920593.png
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.232.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
569747c40f2ce2235766abb3e511985130c809f46cc5e0c707fc1fe84579f925

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
content-encoding
gzip
last-modified
Tue, 14 Jul 2020 07:37:46 GMT
server
AmazonS3
etag
"bb76c0c366370440d04aeb2145de5435"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
18264
AVmanager.js
player.aniview.com/script/6.1/ Frame C6CC
340 KB
97 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
319cd584d0eafd2b782b2fcd8919d64b7a57286abb0be4dbb7e5b725ce235ef3

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwTNI0an_DGLQMYS_SwESsQydFP9ZHijkwIsdr16wjQ-s5BDeHI_xFe91LnSla2eIMTRulwXiwslzsL-MseAzE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
98488
last-modified
Wed, 23 Jun 2021 10:48:36 GMT
server
UploadServer
etag
"bce4cecf47b100649e3194bf47af330f"
vary
Accept-Encoding
x-goog-hash
crc32c=yl+Wtg==, md5=vOTOz0exAGSeMZS/R68zDw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1624445316505787
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
98488
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 02 Jul 2021 16:08:47 GMT
track
atrack.avplayer.com/
0
71 B
Image
General
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1625241827370&cid=5e6baa664ac213650365e3f9&VERSION=4.66.0&cou=DE&AV_PAGE_LOAD_UID=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&AV_CDIM4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.237.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
events
prd-collector-anon.ex.co/main/
0
139 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:47 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
gpt.js
www.googletagservices.com/tag/js/
69 KB
24 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3de1e0aea6370e0f8c570ebba1529c47a3fe619dd674fc729524dab1c12df699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"918 / 914 of 1000 / last-modified: 1625224147"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24288
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:47 GMT
pubads_impl_2021062409.js
securepubads.g.doubleclick.net/gpt/
332 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062409.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
384b1ed11a30aa808b3c3ee83198f8e4be3e9d1e17bd616f2652ed640b2e374c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 17:09:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118335
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
237 B
317 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.refinery29.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
938dba42941f6d282ecb122474ab6ad8f06aebfb0360f37449b71eef87e46f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Jul 2021 16:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:47 GMT
track
track1.aniview.com/
0
71 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.refinery29.com&sn=&cd4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&cd5=default&cd6=100&cd7=main&ic=0&tgt=0&app=&wi=320&he=181&test=4&apppkg=&fv=1&proto=https&pid=56ea678d181f46c76f8b45fb&cid=5e6baa664ac213650365e3f9&stagid=&stplid=&e=inventory&vi=100&cb=1625241827594
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
premiumsrv.aniview.com/api/adserver/tag/4/
18 KB
3 KB
XHR
General
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/4/?VERSION=4.66.0&cou=DE&AV_PAGE_LOAD_UID=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&AV_CDIM4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_sd%2Fv1490095101%2Flandscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=5e6baa664ac213650365e3f9&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=4&pce=1&npx=1&AV_DETDOMAIN=www.refinery29.com&AV_DADPOS=1&v=6.1.1.243&responsive=1&avtoken=827593&AV_WIDTH=320&AV_HEIGHT=181&AV_CCPA=1---&AV_DNT=0&cb=1625241827615
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.187.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
7eb9eab81b5093d996e805087b27a81d823b13e362558dd43b3bf837445503d7

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.refinery29.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 21 Jun 2021 02:17:07 GMT
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.m3u8
mcd.ex.co/video/upload/sp_sd/v1490095101/
651 B
1 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/sp_sd/v1490095101/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
23d8a2ebafc8a0dbd3e3641007e8f05fb051152e4b87219f4653866ba522c689

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:47 GMT
Status
200 OK
Connection
keep-alive
Content-Length
651
X-Request-Id
60901b1957d7bd3d15e4972c6242874a
X-Served-By
cache-wdc5559-WDC
Last-Modified
Fri, 02 Jul 2021 15:29:31 GMT
Server
cloudinary
X-Timer
S1625239776.632389,VS0,VE1
ETag
"3e4d17c983460a6b84d77960050397c1"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555575
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1625239755/
1 KB
2 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
7771494e6151c8a9e0320a6409144b034a766e13bb7440f9c7d7c4a0bfd0ddf8

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:47 GMT
Last-Modified
Fri, 02 Jul 2021 15:29:24 GMT
Server
cloudinary
X-Timer
S1625239838.599979,VS0,VE1
ETag
"c7b941e0814aea871c0b83dcae701d11"
X-Served-By
cache-wdc5559-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555598
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1105
X-Cache-Hits
1
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1625239755/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Fri, 02 Jul 2021 16:03:47 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1625239755/
73 KB
74 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
051b7ca69f1539dc7a0a4eac38e091bf9e782f4bc48236778e94cf6a6f860d88

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-75199

Response headers

Date
Fri, 02 Jul 2021 16:03:47 GMT
Content-Range
bytes 0-75199/462480
Connection
keep-alive
Content-Length
75200
X-Served-By
cache-wdc5559-WDC
Last-Modified
Fri, 02 Jul 2021 15:29:22 GMT
Server
cloudinary
X-Timer
S1625239838.917306,VS0,VE1
ETag
"68ae9c89d27d649deae9eb7872cf41dc"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555672
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
222b7306-9c6a-497c-bc3e-df4eb8cb466b
https://www.refinery29.com/
63 KB
0
Other
General
Full URL
blob:https://www.refinery29.com/222b7306-9c6a-497c-bc3e-df4eb8cb466b
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
rid
match.adsrvr.org/track/
109 B
545 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184607
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184607-3792555493405.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
5cc9bef7737bcbc1b92fb601a0ef3d0960929abca9bb96a6813c2d0637a61153

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.refinery29.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 01 Aug 2021 16:03:47 GMT
identity
api.rlcdn.com/api/
0
223 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184607-3792555493405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/
1 KB
2 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
427ebdb6e349df648813d08e0e98b3f2f9540a7bf489bc4721263e46aaa8bc3f

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:47 GMT
Last-Modified
Fri, 02 Jul 2021 15:29:30 GMT
Server
cloudinary
X-Timer
S1625239776.917150,VS0,VE1
ETag
"24d0950b4b6d98be39eb5e737a5f75b8"
X-Served-By
cache-wdc5539-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555543
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1114
X-Cache-Hits
1
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/
169 KB
170 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
ce5c122b136af230ee8568d3a48bc5629b0ddee56690ae3079aba76afba91139

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-173147

Response headers

Date
Fri, 02 Jul 2021 16:03:47 GMT
Content-Range
bytes 0-173147/1123676
Connection
keep-alive
Content-Length
173148
X-Served-By
cache-wdc5539-WDC
Last-Modified
Fri, 02 Jul 2021 15:29:29 GMT
Server
cloudinary
X-Timer
S1625239778.768889,VS0,VE0
ETag
"59fe4a7de90795ef4ed559b9ea48d031"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555546
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Fri, 02 Jul 2021 16:03:47 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Fri, 02 Jul 2021 16:03:47 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/
66 KB
67 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
941b91d66b7755eb06831c086cdf8f0141146bbfebfd65b8e68698b606a6cc4c

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=173148-241015

Response headers

Date
Fri, 02 Jul 2021 16:03:47 GMT
Content-Range
bytes 173148-241015/1123676
Connection
keep-alive
Content-Length
67868
X-Served-By
cache-wdc5539-WDC
Last-Modified
Fri, 02 Jul 2021 15:29:29 GMT
Server
cloudinary
X-Timer
S1625239778.768889,VS0,VE0
ETag
"59fe4a7de90795ef4ed559b9ea48d031"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555546
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
truncated
/
554 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
452d1771c6e4f4a4981f681d311aabb02f3b79661e4b3688293506891c4549ad

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
prd-collector-anon.ex.co/main/
0
138 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:47 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8D40
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D1%26key%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68860
expires
Sat, 03 Jul 2021 11:11:28 GMT
date
Fri, 02 Jul 2021 16:03:48 GMT
vary
Accept-Encoding
Cookie set usermatch
ssum.casalemedia.com/ Frame 03EF
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
206d36d72b44c9350e1637827b29b646a6aa57a6d9fdf00ba934c86a3bacbc44

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.refinery29.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YN845Dy1BloOg1PpevnFxgAA; CMPS=1111
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|218|105|5|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1725
Expires
Fri, 02 Jul 2021 16:03:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:48 GMT
Connection
keep-alive
Set-Cookie
CMID=YN845Dy1BloOg1PpevnFxgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 16:03:48 GMT CMPS=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:48 GMT CMPRO=1205;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:48 GMT CMRUM3=0560df38e405a0&6960df38e405a0&2960df38e405a0&2d60df38e405a0&2760df38e40b40&da60df38e42760&f160df38e405a0&e660df38e42760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 16:03:48 GMT CMST=YN845GDfOOQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 16:03:48 GMT

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 02 Jul 2021 16:03:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:48 GMT
Connection
keep-alive
Set-Cookie
CMID=YN845Dy1BloOg1PpevnFxgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 16:03:48 GMT CMPS=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:48 GMT
usync.html
eus.rubiconproject.com/ Frame 1225
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.refinery29.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Jul 2021 16:03:48 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date
Fri, 02 Jul 2021 16:03:48 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync
pixel.advertising.com/ups/58195/ Frame FA40
0
0
Document
General
Full URL
https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

date
Fri, 02 Jul 2021 16:03:48 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/
168 B
382 B
XHR
General
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&w=320&h=181&cbb=5241827966
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://www.refinery29.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
avpb3.js
player.aniview.com/script/6.1/ Frame C6CC
282 KB
89 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
14fc395ad49ae416330b86596c58cfa774d3910503b94a25c51743a35a5a6288

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:47 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uzafgk_GO4dFGROVh7LPv-FSozRh2vSB7IEzxqzK1IPQtg-KxbJ-JoseY5TTfXcgpFabV-1n8M8XtvabWbHZ9HcAh_dNg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
90379
last-modified
Wed, 23 Jun 2021 10:47:56 GMT
server
UploadServer
etag
"cddb29ba1fbe753fa70d0a2f6004ba8c"
vary
Accept-Encoding
x-goog-hash
crc32c=/c9QSQ==, md5=zdspuh++dT+nDQovYAS6jA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1624445276759644
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
90379
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 02 Jul 2021 16:08:47 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=28523&t=1625241827&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=320&he=181&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=4&aafaid=&proto=https&uid=1625241827876-980440603252-006976-004-007468&cha=0.05&stagid=&stplid=&cb=35508022667&cd6=100&cd7=main&cd1=4.66.0&cd4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&cd5=default&d9=1000&AV_WIDTH=320&AV_HEIGHT=181&nid=56ea678d181f46c76f8b45fb&ncid=5e6baa664ac213650365e3f9&e=request&cb=1625241827968&asid=5fcde7149ee69a0eff338914%2C6033b5166ce17d3480761314%2C5ee3d57071193a26344a4076%2C603dfaa0b211d83d29732b44%2C5ddfcaee28a06109914a6e5c%2C5fbe5d4370a94c4b696b7ccc%2C6061efdbb7a06416cc5b4805%2C5e1b272e28a06142643c20cd%2C5fc8b1c9ba2b560f616098b8%2C5fbe5add3443ef680f0480d7%2C5fa2711a54dbb238c9289f7d&ofpr=4%2C2%2C%2C3%2C2%2C2.8%2C2%2C2.5%2C2%2C%2C2&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/
0
118 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/227469/0/
0
174 B
XHR
General
Full URL
https://tag.1rx.io/rmp/227469/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
avjp
playbuzzltd-d.openx.net/v/1.0/
106 B
479 B
XHR
General
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e6f43793-5d7f-4424-822d-a8fe9f980734&nocache=1625241828012&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0012000001GwdDpAAJ%2C1%2C3fff269220f71b8309ee8bbcd878fd3c_172315322%2CRefinery%2029%2Crefinery29.com&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A320%2C%22h%22%3A181%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=544001351&vwd=320&vht=181&aumfs=2000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
via
1.1 google
server
OXGW/16.210.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.refinery29.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
62 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
305916
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/305916?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 02 Jul 2021 16:03:48 GMT
X-SpotX-Timing-Transform
0.000612
X-SpotX-Timing-SpotMarket
0.009927
X-SpotX-Timing-Page-Mux
0.001152
X-SpotX-Timing-Page-Require
0.000609
X-fe
005
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000039
X-SpotX-Timing-Page
0.017427
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000619
Last-Modified
Fri, 02 Jul 2021 16:03:48 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.009927
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.refinery29.com
X-SpotX-Timing-Page-Misc
0.004449
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000019
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mvo
tag.1rx.io/rmp/216551/0/
0
174 B
XHR
General
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/
25 B
373 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=373648&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2213c003eccd386bb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22sid%22%3A%220012000001GwdDpAAJ%22%2C%22rid%22%3A%223fff269220f71b8309ee8bbcd878fd3c_172315322%22%2C%22domain%22%3A%22refinery29.com%22%2C%22hp%22%3A1%2C%22name%22%3A%22Refinery%2029%22%2C%22asi%22%3A%22playbuzz.com%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214e0d9cf5152103%22%2C%22ext%22%3A%7B%22siteID%22%3A%22373648%22%2C%22sid%22%3A%22320x181%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A320%2C%22h%22%3A181%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8357f3409662c3ba2feb772eff501704fd22b462e3df397759dd4b4e22be8671

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.100], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.refinery29.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Fri, 02 Jul 2021 16:03:48 GMT
309622
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/309622?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 02 Jul 2021 16:03:48 GMT
X-SpotX-Timing-Transform
0.000321
X-SpotX-Timing-SpotMarket
0.007195
X-SpotX-Timing-Page-Mux
0.001047
X-SpotX-Timing-Page-Require
0.000364
X-fe
066
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000035
X-SpotX-Timing-Page
0.012041
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000319
Last-Modified
Fri, 02 Jul 2021 16:03:48 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007195
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.refinery29.com
X-SpotX-Timing-Page-Misc
0.002738
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000022
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mvo
tag.1rx.io/rmp/203144/0/
0
174 B
XHR
General
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/
226 KB
227 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
6fbbbb4a940df270c3add2c7e1e4f35c5a0065bf6031858c9160a0ff8fd32e8c

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=241016-472631

Response headers

Date
Fri, 02 Jul 2021 16:03:48 GMT
Content-Range
bytes 241016-472631/1123676
Connection
keep-alive
Content-Length
231616
X-Served-By
cache-wdc5539-WDC
Last-Modified
Fri, 02 Jul 2021 15:29:29 GMT
Server
cloudinary
X-Timer
S1625239778.768889,VS0,VE0
ETag
"59fe4a7de90795ef4ed559b9ea48d031"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555545
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Fri, 02 Jul 2021 16:03:48 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
usermatchredir
ssum-sec.casalemedia.com/ Frame 03EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YN845Dy1BloOg1PpevnFxgAABLUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YN845Dy1BloOg1PpevnFxgAABLUAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDra46gBg6UbwmJrOSoZOD4&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDra46gBg6UbwmJrOSoZOD4&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:48 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDra46gBg6UbwmJrOSoZOD4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 03EF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnFxgAABLUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnFxgAABLUAAAAB&dcc=t
43 B
433 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnFxgAABLUAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:48 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:48 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnFxgAABLUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 03EF
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YN845Dy1BloOg1PpevnFxgAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 03EF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YN845Dy1BloOg1PpevnFxgAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YN845Dy1BloOg1PpevnFxgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOHWL8EbT8n-VYY7-jqafxs&google_cver=1&gdpr=1
43 B
1000 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOHWL8EbT8n-VYY7-jqafxs&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:48 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOHWL8EbT8n-VYY7-jqafxs&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=YN845Dy1BloOg1PpevnFxgAA%261205
dpm.demdex.net/ Frame 03EF
0
0
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YN845Dy1BloOg1PpevnFxgAA%261205?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.147.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame 03EF
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
973 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 02 Jul 2021 16:03:48 GMT
server
nginx/1.20.0
content-length
76
ix
ad4m.at/ad/sim/ Frame 03EF
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bridge
cm.adgrx.com/ Frame 03EF
43 B
408 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:49 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-2
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 03EF
0
233 B
Image
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1625241827876-980440603252-006976-004-007468&biddername=42&key=YN845Dy1BloOg1PpevnFxgAA%261205
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:48 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 1225
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7b2fc98d710e1338b207958e7ae3555c4e9bcf287d162ce4192bdb72fb802bd8

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31806
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9274
Expires
Sat, 03 Jul 2021 00:53:54 GMT
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Fri, 02 Jul 2021 16:03:48 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/
138 KB
139 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
9cba4d9bade84259b9cc61590128fd0c560c9ac70d804fe25b8a807eae405cbc

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=472632-614195

Response headers

Date
Fri, 02 Jul 2021 16:03:48 GMT
Content-Range
bytes 472632-614195/1123676
Connection
keep-alive
Content-Length
141564
X-Served-By
cache-wdc5539-WDC
Last-Modified
Fri, 02 Jul 2021 15:29:29 GMT
Server
cloudinary
X-Timer
S1625239778.768889,VS0,VE0
ETag
"59fe4a7de90795ef4ed559b9ea48d031"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555545
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
khaos.jpg
token.rubiconproject.com/ Frame 1225
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/
68 KB
69 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
affb464f93a3bb105a3a4bf11a2e07a415d0fa82b88c5b95c26a1201b27ec300

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=614196-684131

Response headers

Date
Fri, 02 Jul 2021 16:03:48 GMT
Content-Range
bytes 614196-684131/1123676
Connection
keep-alive
Content-Length
69936
X-Served-By
cache-wdc5539-WDC
Last-Modified
Fri, 02 Jul 2021 15:29:29 GMT
Server
cloudinary
X-Timer
S1625239778.768889,VS0,VE0
ETag
"59fe4a7de90795ef4ed559b9ea48d031"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555545
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Fri, 02 Jul 2021 16:03:48 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/
148 KB
149 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
7e01a23e178bc8f11198ebde7cd63f13129ad28eb751cfb86f51fe8f1986320f

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=684132-835847

Response headers

Date
Fri, 02 Jul 2021 16:03:48 GMT
Content-Range
bytes 684132-835847/1123676
Connection
keep-alive
Content-Length
151716
X-Served-By
cache-wdc5539-WDC
Last-Modified
Fri, 02 Jul 2021 15:29:29 GMT
Server
cloudinary
X-Timer
S1625239778.768889,VS0,VE0
ETag
"59fe4a7de90795ef4ed559b9ea48d031"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555545
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Fri, 02 Jul 2021 16:03:48 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
PugMaster
image6.pubmatic.com/AdServer/ Frame 8D40
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80325230&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241827876-980440603252-006976-004-007468%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:48 GMT
content-length
0
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=28523&t=1625241827&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=320&he=181&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=4&aafaid=&proto=https&uid=1625241827876-980440603252-006976-004-007468&cha=0.05&stagid=&stplid=&cb=35508022667&cd6=100&cd7=main&cd1=4.66.0&cd4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&cd5=default&d9=1000&AV_WIDTH=320&AV_HEIGHT=181&nid=56ea678d181f46c76f8b45fb&ncid=5e6baa664ac213650365e3f9&e=bid&cb=1625241828370&asid=5ee3d57071193a26344a4076&ofpr=&fpo=
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 88CD
339 KB
117 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118860
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:48 GMT
bridge3.470.1_en.html
imasdk.googleapis.com/js/core/ Frame E72C
576 KB
189 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.470.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193313
date
Tue, 29 Jun 2021 16:15:51 GMT
expires
Wed, 29 Jun 2022 16:15:51 GMT
last-modified
Tue, 29 Jun 2021 16:12:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
258477
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 88CD
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:48 GMT
integrator.js
adservice.google.com/adsid/ Frame 88CD
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.refinery29.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Jul 2021 16:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AAB4
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 15:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 02 Jul 2021 16:09:58 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E72C
156 B
523 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2311376535186940&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=3272231947&sdk_apis=2%2C8&sid=6C071D6D-25D9-4DD2-86FD-010EF57558A5&eid=44736293&url=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&dt=1625241828589&cookie_enabled=1&scor=839825034310909&ged=ve4_td1_tt0_pd1_la1000_er167.1030.321.1330_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
u.openx.net/w/1.0/ Frame 0114
668 B
752 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
7b87fae8b003dab4883f88e460c89fba25a13d656590af43aa77ae49ab2fb301

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd?us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=36695aa7-aa0c-050b-0039-cb7a4e33be5b|1625241828
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=36695aa7-aa0c-050b-0039-cb7a4e33be5b|1625241828; Version=1; Expires=Sat, 02-Jul-2022 16:03:48 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1625241828|gekin0vNiygu; Version=1; Expires=Sat, 17-Jul-2021 16:03:48 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.210.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 02 Jul 2021 16:03:48 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 35A9
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.refinery29.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 02 Jul 2021 16:03:48 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame A0F7
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=67810
expires
Sat, 03 Jul 2021 10:53:58 GMT
date
Fri, 02 Jul 2021 16:03:48 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame B8B9
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=67810
expires
Sat, 03 Jul 2021 10:53:58 GMT
date
Fri, 02 Jul 2021 16:03:48 GMT
vary
Accept-Encoding
sd
eu-u.openx.net/w/1.0/ Frame 0114
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=90f160df-38e4-4800-8383-96241e455d63
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=90f160df-38e4-4800-8383-96241e455d63
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 02 Jul 2021 16:03:12 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=90f160df-38e4-4800-8383-96241e455d63
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 02 Jul 2021 16:03:11 GMT
sd
us-u.openx.net/w/1.0/ Frame 0114
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=y2gYr85gGf3QPU3-mWpRqpxsS_DQbxirnm7QuAyo
43 B
122 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=y2gYr85gGf3QPU3-mWpRqpxsS_DQbxirnm7QuAyo
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=y2gYr85gGf3QPU3-mWpRqpxsS_DQbxirnm7QuAyo
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0114
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=998037746419238237
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=998037746419238237
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=998037746419238237
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 0114
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=e5c565fe-038b-3afc-5aef-03922a148da6&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0114
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlhYWI2MzQtY2FmYy02NDU4LTRmMGYtNTkyYmUwZjY0M2M2
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlhYWI2MzQtY2FmYy02NDU4LTRmMGYtNTkyYmUwZjY0M2M2&google_tc=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlhYWI2MzQtY2FmYy02NDU4LTRmMGYtNTkyYmUwZjY0M2M2&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzlhYWI2MzQtY2FmYy02NDU4LTRmMGYtNTkyYmUwZjY0M2M2&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0114
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGv4zhGALJutlmyZx-zAbt4&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGv4zhGALJutlmyZx-zAbt4&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGv4zhGALJutlmyZx-zAbt4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 6449
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
52aadf7af134fd4eaa2463dbc847706115c7d75e86f19484ba4f4fe1d75286a7

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YN845Dy1BloOg1PpevnF9wAA; CMPS=1111
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|230|45|64|3|191|152
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1762
Expires
Fri, 02 Jul 2021 16:03:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:48 GMT
Connection
keep-alive
Set-Cookie
CMID=YN845Dy1BloOg1PpevnF9wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 16:03:48 GMT CMPS=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:48 GMT CMPRO=1133;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:48 GMT CMRUM3=e660df38e42760&f160df38e405a0&2760df38e40b40&2d60df38e405a0&4060df38e405a0&bf60df38e405a0&0360df38e405a0&9860df38e405a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 16:03:48 GMT CMST=YN845GDfOOQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 16:03:48 GMT

Redirect headers

Server
Apache
Content-Length
341
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 02 Jul 2021 16:03:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:48 GMT
Connection
keep-alive
Set-Cookie
CMID=YN845Dy1BloOg1PpevnF9wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 16:03:48 GMT CMPS=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.refinery29.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 10:48:51 GMT
x-content-type-options
nosniff
age
191697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 10:48:51 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A0F7
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74612690&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1c41479fb36480ef6fa1bf9a6d80e8736185f251667925d0bdb0f79a1cbfa672

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:48 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
casale
match.adsrvr.org/track/cmf/ Frame 6449
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YN845Dy1BloOg1PpevnF9wAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 6449
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnF9wAABG0AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnF9wAABG0AAAIB&dcc=t
43 B
433 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnF9wAABG0AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:50 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:49 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN845Dy1BloOg1PpevnF9wAABG0AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6449
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YN845Dy1BloOg1PpevnF9wAABG0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKoowimJC7vGL9nmjkWM84k&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKoowimJC7vGL9nmjkWM84k&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:49 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKoowimJC7vGL9nmjkWM84k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6449
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YN845Dy1BloOg1PpevnF9wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJvQCWyIMmt4X_ZE1cXFRr4&google_cver=1&gdpr=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJvQCWyIMmt4X_ZE1cXFRr4&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:49 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJvQCWyIMmt4X_ZE1cXFRr4&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6449
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1627833829
43 B
1019 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1627833829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:49 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1627833829
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 6449
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=90f160df-38e4-4800-8383-96241e455d63&gdpr=1&gdpr_consent=
43 B
1009 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=90f160df-38e4-4800-8383-96241e455d63&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:49 GMT

Redirect headers

Date
Fri, 02 Jul 2021 16:03:12 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=90f160df-38e4-4800-8383-96241e455d63&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 02 Jul 2021 16:03:11 GMT
index
dmp.brand-display.com/cm/api/ Frame 6449
43 B
253 B
Image
General
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:52 GMT
via
1.1 google
last-modified
Fri, 02 Jul 2021 16:03:51 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Fri, 02 Jul 2021 16:03:52 GMT
crum
dsum-sec.casalemedia.com/ Frame 6449
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c208d805-7134-479b-b72c-4f52cb6d4eae
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c208d805-7134-479b-b72c-4f52cb6d4eae
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:49 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:49 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c208d805-7134-479b-b72c-4f52cb6d4eae
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6449
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YN845Dy1BloOg1PpevnF9wAA%261133
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:49 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2316
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:42:25 GMT
match
c1.adform.net/serving/cookie/ Frame B71A
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:49 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=8136454396479786543; expires=Tue, 31 Aug 2021 16:03:49 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 461D
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4090915419576464172
42 B
210 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4090915419576464172
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4090915419576464172
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F; chkChromeAb67Sec=1; DPSync3=1626393600%3A219_201_197%7C1625270400%3A174; SyncRTB3=1626393600%3A99_220_189_71_166_81_230_13_56_21_3_176_204_7_22_234_55_88_161_8_165_222_54%7C1627776000%3A203%7C1626048000%3A63%7C1625788800%3A2_15_67_223%7C1626480000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-4090915419576464172; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:49 GMT; path=/ PugT=1625241829; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:49 GMT; path=/
x-lat
lhrpug003:0:413
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4090915419576464172
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 0080
43 B
338 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 02 Jul 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1607
date
Fri, 02 Jul 2021 16:03:48 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 35C3
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360503650482321
42 B
520 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360503650482321
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360503650482321
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F; chkChromeAb67Sec=1; DPSync3=1626393600%3A219_201_197%7C1625270400%3A174; SyncRTB3=1626393600%3A99_220_189_71_166_81_230_13_56_21_3_176_204_7_22_234_55_88_161_8_165_222_54%7C1627776000%3A203%7C1626048000%3A63%7C1625788800%3A2_15_67_223%7C1626480000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6980360503650482321; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:50 GMT; path=/ PugT=1625241830; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:50 GMT; path=/
x-lat
lhrpug013:0:413
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 02 Jul 2021 16:03:49 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6980360503650482321; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360503650482321
adx
match.prod.bidr.io/cookie-sync/ Frame 39FF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRkprN0J2bklBQURZZU54SXJQQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.13.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AABFJk7BvnIAADYeNxIrPA; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Fri, 02 Jul 2021 16:03:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Fri, 02 Jul 2021 16:03:49 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame 5089
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
89 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F; chkChromeAb67Sec=1; DPSync3=1626393600%3A219_201_197%7C1625270400%3A174; SyncRTB3=1626393600%3A99_220_189_71_166_81_230_13_56_21_3_176_204_7_22_234_55_88_161_8_165_222_54%7C1627776000%3A203%7C1626048000%3A63%7C1625788800%3A2_15_67_223%7C1626480000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:50 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug019:2:1130
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=47e599c0-c78d-4676-b153-f2db348aa9cc; path=/; domain=csync.loopme.me; Expires=Mon, 02-Aug-2021 16:03:49 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Fri, 02 Jul 2021 16:03:49 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame E5AF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8275686364
  • https://sync.1rx.io/usersync/tradedesk/59f9e458-333f-4515-97d2-b47fd0fdc293
  • https://sync.targeting.unrulymedia.com/csync/RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003
42 B
269 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F; chkChromeAb67Sec=1; DPSync3=1626393600%3A219_201_197%7C1625270400%3A174; SyncRTB3=1626393600%3A99_220_189_71_166_81_230_13_56_21_3_176_204_7_22_234_55_88_161_8_165_222_54%7C1627776000%3A203%7C1626048000%3A63%7C1625788800%3A2_15_67_223%7C1626480000%3A35; KRTBCOOKIE_80=22987-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&16514-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&23025-CAESEOmnp8f3cZjEZrwz0H6pzI0; PugT=1625241829; PUBMDCID=3; KRTBCOOKIE_153=19420-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv&KRTB&22979-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv; KRTBCOOKIE_336=5844-4090915419576464172; KRTBCOOKIE_409=22966-3rkDABSoVkUpFaNi2mnUXEzD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003&KRTB&17107-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:50 GMT; path=/ PugT=1625241830; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:50 GMT; path=/
x-lat
lhrpug014:0:401
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 02 Jul 2021 16:03:49 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003%22%7D; path=/; expires=Sat, 02 Jul 2022 16:03:49 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003
etag
RX948ba217f4ad4c93bf1a225c1e5e8709003
dpe
ad4m.at/ad/ Frame D03E
42 B
190 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 02 Jul 2021 16:03:49 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66891b375e45d6f1-FRA
Pug
image2.pubmatic.com/AdServer/ Frame 9FCD
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
42 B
216 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F; chkChromeAb67Sec=1; DPSync3=1626393600%3A219_201_197%7C1625270400%3A174; SyncRTB3=1626393600%3A99_220_189_71_166_81_230_13_56_21_3_176_204_7_22_234_55_88_161_8_165_222_54%7C1627776000%3A203%7C1626048000%3A63%7C1625788800%3A2_15_67_223%7C1626480000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-3rkDABSoVkUpFaNi2mnUXEzD; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:49 GMT; path=/ PugT=1625241829; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:49 GMT; path=/
x-lat
lhrpug009:0:506
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 02 Jul 2021 16:03:49 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=3rkDABSoVkUpFaNi2mnUXEzD; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame CB72
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 02 Jul 2021 16:03:49 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 91BD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
411 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a1noeUMwTkU6XlyrsmZaao0REqCMdawZbVPqbs2o42
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 02 Jul 2021 16:03:49 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aNnseFyg6AarA7u8QGkNn3AbZa7H13sFugsOUy0hUo3ZbnQF1HYPLGCKtM0i84AopAw2yRQn5l4V4BECucbRAS; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 16:03:49 GMT; SameSite=None; Secure; ANON_ID_old=aNnseFyg6AarA7u8QGkNn3AbZa7H13sFugsOUy0hUo3ZbnQF1HYPLGCKtM0i84AopAw2yRQn5l4V4BECucbRAS; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 16:03:49 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66891b389e3adfe3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Fri, 02 Jul 2021 16:03:49 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
539
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a1noeUMwTkU6XlyrsmZaao0REqCMdawZbVPqbs2o42; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 16:03:49 GMT; SameSite=None; Secure; ANON_ID_old=a1noeUMwTkU6XlyrsmZaao0REqCMdawZbVPqbs2o42; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 16:03:49 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66891b378c1cdfe3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5983
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QOiE8iHiK62e&pid=557219
1 B
68 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QOiE8iHiK62e&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QOiE8iHiK62e&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F; chkChromeAb67Sec=1; DPSync3=1626393600%3A219_201_197%7C1625270400%3A174; SyncRTB3=1626393600%3A99_220_189_71_166_81_230_13_56_21_3_176_204_7_22_234_55_88_161_8_165_222_54%7C1627776000%3A203%7C1626048000%3A63%7C1625788800%3A2_15_67_223%7C1626480000%3A35; KRTBCOOKIE_80=22987-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&16514-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&23025-CAESEOmnp8f3cZjEZrwz0H6pzI0; PUBMDCID=3; KRTBCOOKIE_153=19420-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv&KRTB&22979-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv; KRTBCOOKIE_336=5844-4090915419576464172; KRTBCOOKIE_409=22966-3rkDABSoVkUpFaNi2mnUXEzD; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-6980360503650482321; PugT=1625241830; KRTBCOOKIE_377=6810-59f9e458-333f-4515-97d2-b47fd0fdc293&KRTB&22918-59f9e458-333f-4515-97d2-b47fd0fdc293&KRTB&23031-59f9e458-333f-4515-97d2-b47fd0fdc293; KRTBCOOKIE_594=17105-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003&KRTB&17107-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003; KRTBCOOKIE_22=14911-4573237674140556129; KRTBCOOKIE_27=16735-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&16736-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&23019-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&23114-uid:90f160df-38e4-4800-8383-96241e455d63; KRTBCOOKIE_391=22924-1354727252458488337&KRTB&23263-1354727252458488337; SPugT=1625241830; KRTBCOOKIE_218=22978-YN845gACLYuSTQBg&KRTB&23194-YN845gACLYuSTQBg&KRTB&23209-YN845gACLYuSTQBg&KRTB&23244-YN845gACLYuSTQBg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:50 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:50 GMT; path=/
x-lat
lhrpug020:0:497
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-8474b759f8-zh5xz
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QOiE8iHiK62e&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=80041b0724a88deb; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 1007
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8eee6314-8b97-4315-a65a-4044c0daa0bf-tuct7d8be65&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8eee6314-8b97-4315-a65a-4044c0daa0bf-tuct7d8be65&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8eee6314-8b97-4315-a65a-4044c0daa0bf-tuct7d8be65&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=8eee6314-8b97-4315-a65a-4044c0daa0bf-tuct7d8be65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 02 Jul 2021 16:03:50 GMT
via
1.1 varnish
x-served-by
cache-hhn11530-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1625241830.127705,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=8eee6314-8b97-4315-a65a-4044c0daa0bf-tuct7d8be65;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 02-Jul-2022 16:03:49 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8eee6314-8b97-4315-a65a-4044c0daa0bf-tuct7d8be65&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 02 Jul 2021 16:03:49 GMT
via
1.1 varnish
x-served-by
cache-fra19141-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1625241829.042886,VS0,VE9
x-vcl-time-ms
9
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A0F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q2gborRHSt6fs-68WerGjw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:49 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=68859
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 03 Jul 2021 11:11:28 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=90f160df-38e4-4800-8383-96241e455d63
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=90f160df-38e4-4800-8383-96241e455d63
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 02 Jul 2021 16:03:12 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=90f160df-38e4-4800-8383-96241e455d63
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 02 Jul 2021 16:03:11 GMT
/
pixel.onaudience.com/ Frame A0F7
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=59f9e458-333f-4515-97d2-b47fd0fdc293&icm
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bd475aa0910d396dd29e00bfafab09a2
35 B
247 B
Image
General
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bd475aa0910d396dd29e00bfafab09a2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.38.38.194 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3194796.ip-54-38-38.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Fri, 02 Jul 2021 16:03:49 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bd475aa0910d396dd29e00bfafab09a2
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUI2ODFCQTItQjQ0Ny00QURFLTlGQjMtRUVCQzU5RUFDNjhG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:452
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOmnp8f3cZjEZrwz0H6pzI0&google_cver=1
42 B
592 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOmnp8f3cZjEZrwz0H6pzI0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:395
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOmnp8f3cZjEZrwz0H6pzI0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A0F7
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 01 Jul 2021 16:03:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1354727252458488337
42 B
234 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1354727252458488337
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:629
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1354727252458488337
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:90f160df-38e4-4800-8383-96241e455d63&gdpr=0&gdpr_consent=
42 B
343 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:90f160df-38e4-4800-8383-96241e455d63&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:565
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 02 Jul 2021 16:03:12 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:90f160df-38e4-4800-8383-96241e455d63&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 02 Jul 2021 16:03:11 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59f9e458-333f-4515-97d2-b47fd0fdc293
42 B
295 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59f9e458-333f-4515-97d2-b47fd0fdc293
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:404
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=59f9e458-333f-4515-97d2-b47fd0fdc293
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2490000750454604952&gdpr=0&gdpr_consent=
42 B
365 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2490000750454604952&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:423
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:50 GMT
X-Proxy-Origin
82.102.19.100; 82.102.19.100; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1f868686-32dd-4256-a2c4-710370361423
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2490000750454604952&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A0F7
43 B
840 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A.2dPFpE2uXV_tNAMxvLvJfhZb3GD7g-~A&gdpr=0&gdpr_consent=
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A.2dPFpE2uXV_tNAMxvLvJfhZb3GD7g-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 12:48:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 02 Jul 2021 16:03:49 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A.2dPFpE2uXV_tNAMxvLvJfhZb3GD7g-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN845gACLYuSTQBg&gdpr=0&gdpr_consent=&_test=YN845gACLYuSTQBg
1 B
237 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN845gACLYuSTQBg&gdpr=0&gdpr_consent=&_test=YN845gACLYuSTQBg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:526
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1625241830.217476,VS0,VE0
x-served-by
cache-fra19146-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN845gACLYuSTQBg&gdpr=0&gdpr_consent=&_test=YN845gACLYuSTQBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv
42 B
272 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:502
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=609b6d99-0e04-46af-8309-54e882fc4e08&gdpr=&gdpr_consent=&gdpr_pd=
1 B
338 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=609b6d99-0e04-46af-8309-54e882fc4e08&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:469
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=609b6d99-0e04-46af-8309-54e882fc4e08&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 02 Jul 2021 16:03:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4573237674140556129&gdpr=0&gdpr_consent=&us_privacy=
1 B
186 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4573237674140556129&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:508
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4573237674140556129&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame A0F7
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:49 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6efbef11-202e-49fa-ba2f-393903e7b60a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
111 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6efbef11-202e-49fa-ba2f-393903e7b60a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:387
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6efbef11-202e-49fa-ba2f-393903e7b60a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 02 Jul 2021 16:03:49 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:541
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:48 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=795841772977288598
42 B
111 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=795841772977288598
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:385
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:50 GMT
X-Proxy-Origin
82.102.19.100; 82.102.19.100; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3eac8d31-6857-4d69-b321-732e49278b2d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=795841772977288598
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A0F7
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a2b022ee-fe94-4465-8fd8-70dd676595c5
42 B
224 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a2b022ee-fe94-4465-8fd8-70dd676595c5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:412
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a2b022ee-fe94-4465-8fd8-70dd676595c5
date
Fri, 02 Jul 2021 16:03:50 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
events
prd-collector-anon.ex.co/main/
0
138 B
XHR
General
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:49 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/
0
70 B
Image
General
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1625241829507&cid=5e6baa664ac213650365e3f9&VERSION=4.66.0&cou=DE&AV_PAGE_LOAD_UID=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&AV_CDIM4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.237.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame A0F7
0
133 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158901&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 12:29:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame B8B9
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87922142&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7c7213c0a1ab0dcae398e0306e5712dddce4a8a999ac90e57b7dbe67868fefba

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:52 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Fri, 02 Jul 2021 16:03:52 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/
138 KB
139 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
feea77174e6a3918d390de5fc46c19925da87adbb3398c79ecc3e434daf3e6ae

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=835848-977411

Response headers

Date
Fri, 02 Jul 2021 16:03:52 GMT
Content-Range
bytes 835848-977411/1123676
Connection
keep-alive
Content-Length
141564
X-Served-By
cache-wdc5539-WDC
Last-Modified
Fri, 02 Jul 2021 15:29:29 GMT
Server
cloudinary
X-Timer
S1625239778.768889,VS0,VE0
ETag
"59fe4a7de90795ef4ed559b9ea48d031"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555541
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
141
match.deepintent.com/usersync/ Frame CA2C
0
44 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 02 Jul 2021 16:03:51 GMT
server
a
check
pixel.tapad.com/idsync/ex/receive/ Frame 22EB
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B
Document
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1625241832100; TapAd_DID=50ebfd1e-eec1-419f-b6c8-125c4b21ccb0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 02 Jul 2021 16:03:52 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

date
Fri, 02 Jul 2021 16:03:52 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1625241832100;Expires=Tue, 31 Aug 2021 16:03:52 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=50ebfd1e-eec1-419f-b6c8-125c4b21ccb0;Expires=Tue, 31 Aug 2021 16:03:52 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear
Pug
simage2.pubmatic.com/AdServer/ Frame E3AB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:DIPHcvFK1LZlDW5&gdpr=0&gdpr_consent=
42 B
290 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:DIPHcvFK1LZlDW5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:DIPHcvFK1LZlDW5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F; KRTBCOOKIE_80=22987-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&16514-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&23025-CAESEOmnp8f3cZjEZrwz0H6pzI0; PUBMDCID=3; KRTBCOOKIE_153=19420-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv&KRTB&22979-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv; KRTBCOOKIE_336=5844-4090915419576464172; KRTBCOOKIE_409=22966-3rkDABSoVkUpFaNi2mnUXEzD; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-6980360503650482321; KRTBCOOKIE_377=6810-59f9e458-333f-4515-97d2-b47fd0fdc293&KRTB&22918-59f9e458-333f-4515-97d2-b47fd0fdc293&KRTB&23031-59f9e458-333f-4515-97d2-b47fd0fdc293; KRTBCOOKIE_594=17105-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003&KRTB&17107-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003; KRTBCOOKIE_22=14911-4573237674140556129; KRTBCOOKIE_27=16735-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&16736-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&23019-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&23114-uid:90f160df-38e4-4800-8383-96241e455d63; KRTBCOOKIE_391=22924-1354727252458488337&KRTB&23263-1354727252458488337; KRTBCOOKIE_218=22978-YN845gACLYuSTQBg&KRTB&23194-YN845gACLYuSTQBg&KRTB&23209-YN845gACLYuSTQBg&KRTB&23244-YN845gACLYuSTQBg; KRTBCOOKIE_1074=22956-e_a2b022ee-fe94-4465-8fd8-70dd676595c5; KRTBCOOKIE_57=22776-2490000750454604952; SPugT=1625228942; KRTBCOOKIE_466=16530-609b6d99-0e04-46af-8309-54e882fc4e08; PugT=1625241831; chkChromeAb67Sec=2; DPSync3=1626393600%3A226_227_219_201_197_221%7C1627776000%3A232%7C1625270400%3A174; SyncRTB3=1630368000%3A69%7C1627776000%3A203%7C1625788800%3A223_67_15_2%7C1626393600%3A104_99_54_165_55_161_8_220_230_21_204_5_3_234_231_78_166_81_13_56_222_233_189_7_22_88_71_176_57%7C1626048000%3A63%7C1626480000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:52 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:DIPHcvFK1LZlDW5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:52 GMT; path=/ PugT=1625241832; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:52 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:52 GMT; path=/
x-lat
lhrpug018:0:405
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 02 Jul 2021 16:03:51 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:DIPHcvFK1LZlDW5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-066a1c0b271e68364@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=DIPHcvFK1LZlDW5; Domain=.w55c.net; Expires=Tue, 02-Aug-2022 16:03:52 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 01-Aug-2021 16:03:52 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 8AF7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vuYO9089TbdDAFR-6Y7PdVJmE2Q
42 B
219 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vuYO9089TbdDAFR-6Y7PdVJmE2Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vuYO9089TbdDAFR-6Y7PdVJmE2Q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F; KRTBCOOKIE_80=22987-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&16514-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&23025-CAESEOmnp8f3cZjEZrwz0H6pzI0; PUBMDCID=3; KRTBCOOKIE_153=19420-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv&KRTB&22979-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv; KRTBCOOKIE_336=5844-4090915419576464172; KRTBCOOKIE_409=22966-3rkDABSoVkUpFaNi2mnUXEzD; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-6980360503650482321; KRTBCOOKIE_377=6810-59f9e458-333f-4515-97d2-b47fd0fdc293&KRTB&22918-59f9e458-333f-4515-97d2-b47fd0fdc293&KRTB&23031-59f9e458-333f-4515-97d2-b47fd0fdc293; KRTBCOOKIE_594=17105-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003&KRTB&17107-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003; KRTBCOOKIE_22=14911-4573237674140556129; KRTBCOOKIE_27=16735-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&16736-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&23019-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&23114-uid:90f160df-38e4-4800-8383-96241e455d63; KRTBCOOKIE_391=22924-1354727252458488337&KRTB&23263-1354727252458488337; KRTBCOOKIE_218=22978-YN845gACLYuSTQBg&KRTB&23194-YN845gACLYuSTQBg&KRTB&23209-YN845gACLYuSTQBg&KRTB&23244-YN845gACLYuSTQBg; KRTBCOOKIE_1074=22956-e_a2b022ee-fe94-4465-8fd8-70dd676595c5; KRTBCOOKIE_57=22776-2490000750454604952; SPugT=1625228942; KRTBCOOKIE_466=16530-609b6d99-0e04-46af-8309-54e882fc4e08; chkChromeAb67Sec=2; DPSync3=1626393600%3A226_227_219_201_197_221%7C1627776000%3A232%7C1625270400%3A174; SyncRTB3=1630368000%3A69%7C1627776000%3A203%7C1625788800%3A223_67_15_2%7C1626393600%3A104_99_54_165_55_161_8_220_230_21_204_5_3_234_231_78_166_81_13_56_222_233_189_7_22_88_71_176_57%7C1626048000%3A63%7C1626480000%3A35; KRTBCOOKIE_107=1471-uid:DIPHcvFK1LZlDW5; PugT=1625241832
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:52 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-vuYO9089TbdDAFR-6Y7PdVJmE2Q; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:52 GMT; path=/ PugT=1625241832; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:52 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:52 GMT; path=/
x-lat
lhrpug002:0:480
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 02 Jul 2021 16:03:52 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vuYO9089TbdDAFR-6Y7PdVJmE2Q
Set-Cookie
sa-user-id=s%3A0-bee60ef7-4f3d-4db7-4300-547ee98ecf75.TTihNIy3Ik2IONrG2W%2Bd%2BZLD8ibDO9gdWC0gKHgjkuM; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-bee60ef7-4f3d-4db7-4300-547ee98ecf75%24ip%2482.102.19.100.JSMi3EqHwCvZTMKH0FgLdNkvFF6R%2FgTF7JfJ15ob%2B0o; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 585E
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:96EAD18F3BEA46EE8F109F218D133CA5
1 B
145 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:96EAD18F3BEA46EE8F109F218D133CA5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:96EAD18F3BEA46EE8F109F218D133CA5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F; KRTBCOOKIE_80=22987-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&16514-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&23025-CAESEOmnp8f3cZjEZrwz0H6pzI0; PUBMDCID=3; KRTBCOOKIE_153=19420-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv&KRTB&22979-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv; KRTBCOOKIE_336=5844-4090915419576464172; KRTBCOOKIE_409=22966-3rkDABSoVkUpFaNi2mnUXEzD; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-6980360503650482321; KRTBCOOKIE_377=6810-59f9e458-333f-4515-97d2-b47fd0fdc293&KRTB&22918-59f9e458-333f-4515-97d2-b47fd0fdc293&KRTB&23031-59f9e458-333f-4515-97d2-b47fd0fdc293; KRTBCOOKIE_594=17105-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003&KRTB&17107-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003; KRTBCOOKIE_22=14911-4573237674140556129; KRTBCOOKIE_27=16735-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&16736-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&23019-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&23114-uid:90f160df-38e4-4800-8383-96241e455d63; KRTBCOOKIE_391=22924-1354727252458488337&KRTB&23263-1354727252458488337; KRTBCOOKIE_218=22978-YN845gACLYuSTQBg&KRTB&23194-YN845gACLYuSTQBg&KRTB&23209-YN845gACLYuSTQBg&KRTB&23244-YN845gACLYuSTQBg; KRTBCOOKIE_1074=22956-e_a2b022ee-fe94-4465-8fd8-70dd676595c5; KRTBCOOKIE_57=22776-2490000750454604952; SPugT=1625228942; KRTBCOOKIE_466=16530-609b6d99-0e04-46af-8309-54e882fc4e08; PugT=1625241831; chkChromeAb67Sec=2; DPSync3=1626393600%3A226_227_219_201_197_221%7C1627776000%3A232%7C1625270400%3A174; SyncRTB3=1630368000%3A69%7C1627776000%3A203%7C1625788800%3A223_67_15_2%7C1626393600%3A104_99_54_165_55_161_8_220_230_21_204_5_3_234_231_78_166_81_13_56_222_233_189_7_22_88_71_176_57%7C1626048000%3A63%7C1626480000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:52 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:52 GMT; path=/
x-lat
lhrpug001:0:468
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 02 Jul 2021 16:03:52 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:96EAD18F3BEA46EE8F109F218D133CA5
expires
Thu, 01 Jul 2021 16:03:52 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
usersync
match.bnmla.com/ Frame 7559
0
112 B
Document
General
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 02 Jul 2021 16:03:53 GMT
Content-Length
0
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame B8B9
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&addseg=20
7 B
87 B
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&addseg=20
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:52 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 02 Jul 2021 16:03:52 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&addseg=20
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
info2
uipglob.semasio.net/pubmatic/1/ Frame B8B9
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:50 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:50 GMT
frontend-id
7
location
/pubmatic/1/info2?sType=sync&sExtCookieId=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame B8B9
95 B
455 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
66891b4a5e4e16ea-FRA
access-control-allow-headers
*
content-length
95
/
loadm.exelator.com/load/ Frame B8B9
0
2 KB
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F&gdpr=0&gdpr_consent=&j=0
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Pug
simage2.pubmatic.com/AdServer/ Frame B8B9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1872ad88-db4f-11eb-ac00-09df6ac257b8&gdpr=0&gdpr_consent=
1 B
216 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1872ad88-db4f-11eb-ac00-09df6ac257b8&gdpr=0&gdpr_consent=
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:503
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1872ad88-db4f-11eb-ac00-09df6ac257b8&gdpr=0&gdpr_consent=
Date
Fri, 02 Jul 2021 16:03:51 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
1872ad89-db4f-11eb-ac00-09df6ac257b8
track
track1.aniview.com/
0
94 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=28523&t=1625241827&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=320&he=181&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=4&aafaid=&proto=https&uid=1625241827876-980440603252-006976-004-007468&cha=0.05&stagid=&stplid=&cb=35508022667&cd6=100&cd7=main&cd1=4.66.0&cd4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&cd5=default&d9=1000&AV_WIDTH=320&AV_HEIGHT=181
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Jul 2021 16:03:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=5283/rand=809059940/pv=y/int=%23OpR%2350877%23total%20site%20traffic%20%3A%20www.refinery29.com/int=%23OpR%2350878%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20en-... Frame AFA3
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5283/rand=809059940/pv=y/int=%23OpR%2350877%23total%20site%20traffic%20%3A%20www.refinery29.com/int=%23OpR%2350878%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20...
  • https://bcp.crwdcntrl.net/5/ct=y/c=5283/rand=809059940/pv=y/int=%23OpR%2350877%23total%20site%20traffic%20%3A%20www.refinery29.com/int=%23OpR%2350878%23www.refinery29.com%20%3A%20Site%20Section%20%...
911 B
1 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=5283/rand=809059940/pv=y/int=%23OpR%2350877%23total%20site%20traffic%20%3A%20www.refinery29.com/int=%23OpR%2350878%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20en-us/int=%23OpR%2380091%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon%20%3A%20en-us/rb=%7B%22post_title%22%3A%22Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon%22%7D/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/5283/cc.js?ns=_cc5283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
37ef45c78918f8fe2b762cb99838abc2b2f013f77991c7d717a0d342d282c946

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=5283/rand=809059940/pv=y/int=%23OpR%2350877%23total%20site%20traffic%20%3A%20www.refinery29.com/int=%23OpR%2350878%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20en-us/int=%23OpR%2380091%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon%20%3A%20en-us/rb=%7B%22post_title%22%3A%22Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon%22%7D/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

date
Fri, 02 Jul 2021 16:03:53 GMT
content-type
text/html;charset=iso-8859-1
content-length
911
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
x-server
10.45.26.88
cache-control
must-revalidate,no-cache,no-store
server
Jetty(9.4.38.v20210224)

Redirect headers

date
Fri, 02 Jul 2021 16:03:53 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=5283/rand=809059940/pv=y/int=%23OpR%2350877%23total%20site%20traffic%20%3A%20www.refinery29.com/int=%23OpR%2350878%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20en-us/int=%23OpR%2380091%23www.refinery29.com%20%3A%20Site%20Section%20%3A%20hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon%20%3A%20en-us/rb=%7B%22post_title%22%3A%22Hello%20Kitty%20Creator%20Introduces%20Fashion-Forward%20Pup%2C%20Rebecca%20Bonbon%22%7D/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.15.29
set-cookie
_cc_cc=ctst;Path=/;Domain=.crwdcntrl.net;SameSite=None;Secure
server
Jetty(9.4.38.v20210224)
outbrain.js
widgets.outbrain.com/
177 KB
59 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/vendor.ef10d385d2de89999e23.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
688966c3a481f6f6867e350d3882f4df19687902adc581a4f6caf4770d18e11c

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:53 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 12:53:56 GMT
etag
W/"2c50e-lPKvdY+1cKyywMPZ+2be1Wpw9nQ"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
31df10c8ce51b8f88f4e9987c7d773bc
timing-allow-origin
*, *
content-length
60102
expires
Fri, 02 Jul 2021 20:03:53 GMT
var=ccauds
ad.crwdcntrl.net/5/c=5285/pe=y/
0
0
Script
General
Full URL
https://ad.crwdcntrl.net/5/c=5285/pe=y/var=ccauds
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/vendor.ef10d385d2de89999e23.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sp_rexLo99v
launcher.spot.im/spot/
424 KB
93 KB
Script
General
Full URL
https://launcher.spot.im/spot/sp_rexLo99v
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/scripts.b54c1eb21aab39c7b3ac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-161-154.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
25018815690d6ad0c3f271dbd8c5454a437bde3b99b810b91a0c1c0b52784300

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:53 GMT
content-encoding
br
server
fasthttp
cache-control
max-age=600
content-type
application/javascript; charset=UTF-8
content-length
95311
expires
Fri, 02 Jul 2021 16:13:53 GMT
installations
firebaseinstallations.googleapis.com/v1/projects/ad-library/
568 B
467 B
Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/ad-library/installations
Requested by
Host: vice-web-statics-cdn.vice.com
URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f053d9748f3b5be9a42c15a9f2c798afc22fd98cdb5bec5cb4c54d735efcc92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://www.refinery29.com/
x-goog-api-key
AIzaSyDhgzXFuWUCGHH5AE7kJE1T8BBL1l-FZNI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Fri, 02 Jul 2021 16:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
444
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/ad-library/ Frame
0
0
Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/ad-library/installations
Protocol
H2
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-goog-api-key
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.refinery29.com
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-type,x-goog-api-key
access-control-max-age
3600
date
Fri, 02 Jul 2021 16:03:53 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 11C8
416 B
798 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1625058934.29122"
last-modified
Wed, 30 Jun 2021 12:53:14 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Fri, 02 Jul 2021 16:03:53 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1625241833~rv=12~id=981c18483cf1f2ebb37d373f63f7e001; path=/; Expires=Fri, 02 Jul 2021 16:03:53 GMT; Secure; SameSite=None
d3d3LnJlZmluZXJ5MjkuY29t
tcheck.outbrainimg.com/tcheck/check/
16 B
464 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LnJlZmluZXJ5MjkuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:53 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=36157
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
80511c43743b8c69250aad9df428315f
Content-Length
16
Expires
Sat, 03 Jul 2021 02:06:30 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
451 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.732108049021676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:53 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 01 Aug 2021 16:03:53 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 11C8
610 B
992 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1625058934.993134"
last-modified
Wed, 30 Jun 2021 12:53:14 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Fri, 02 Jul 2021 16:03:53 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1625241833~rv=75~id=b11a353abc622303922950d712616e5e; path=/; Expires=Fri, 02 Jul 2021 16:03:53 GMT; Secure; SameSite=None
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/
168 B
382 B
XHR
General
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&w=320&h=181&cbb=5241833842
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:54 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://www.refinery29.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=28523&t=1625241827&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=320&he=181&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=4&aafaid=&proto=https&uid=1625241827876-980440603252-006976-004-007468&cha=0.05&stagid=&stplid=&cb=35508022667&cd6=100&cd7=main&cd1=4.66.0&cd4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&cd5=default&d9=1000&AV_WIDTH=320&AV_HEIGHT=181&nid=56ea678d181f46c76f8b45fb&ncid=5e6baa664ac213650365e3f9&e=request&cb=1625241833843&asid=5fbe5d4370a94c4b696b7ccc%2C5e1b272e28a06142643c20cd%2C5fbe5add3443ef680f0480d7&ofpr=2.8%2C2.5%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/203144/0/
0
174 B
XHR
General
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
pragma
no-cache
date
Fri, 02 Jul 2021 16:03:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/216551/0/
0
174 B
XHR
General
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
pragma
no-cache
date
Fri, 02 Jul 2021 16:03:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/ad-library/namespaces/
1 KB
451 B
Fetch
General
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/ad-library/namespaces/fireperf:fetch?key=AIzaSyDhgzXFuWUCGHH5AE7kJE1T8BBL1l-FZNI
Requested by
Host: vice-web-statics-cdn.vice.com
URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1e60bcd1bee9cd8ecb993ec95882ce53c5ebc06c3e3925cb2531b4b396b2252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/
Authorization
FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6ODU0Nzk5NTg5NTAwOndlYjphNzM4YWMxOGViMDNmMDRkIiwiZXhwIjoxNjI1ODQ2NjMzLCJmaWQiOiJmbVNuMVdFQ0U2T09VcUZaX3did2lWIiwicHJvamVjdE51bWJlciI6ODU0Nzk5NTg5NTAwfQ.AB2LPV8wRAIgH-c1P0rBbtF2egZRcSSyhhcXcOAveHHYNWXLsGpxeQ0CIFncq6_R62d1fgnMc_FtRv3NykkuVEh9TAD1gNBCU0T6
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 02 Jul 2021 16:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
etag
etag-ad-library-fireperf-fetch--1465180648
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
427
x-xss-protection
0
fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/ad-library/namespaces/ Frame
0
0
Preflight
General
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/ad-library/namespaces/fireperf:fetch?key=AIzaSyDhgzXFuWUCGHH5AE7kJE1T8BBL1l-FZNI
Protocol
H2
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.refinery29.com
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
authorization
access-control-max-age
3600
date
Fri, 02 Jul 2021 16:03:53 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1625241833862&sessionId=d30eb4ca-8dcf-877b-2df2-dc5e306c0e31&url=www.refinery29.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:55 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
ee71c57de02d9d83d7876e100fb5ca8b
Content-Length
4
Expires
0
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_rexLo99v/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_rexLo99v/v2?platform=Desktop
Protocol
H2
Server
23.55.161.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.refinery29.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-expose-headers
access-control-max-age
86400
date
Fri, 02 Jul 2021 16:03:54 GMT
events
direct-events-collector.spot.im/api/v2/
0
265 B
XHR
General
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.29.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:54 GMT
access-control-allow-credentials
true
server
fasthttp
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/
0
0
Fetch
General
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA2-C1
content-length
20
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
x-amz-cf-id
HBfW3ZIL0B-vg-CcjBItftk4ISvudvIX_5NCtq5VTSoiuVj3Guoqnw==
expires
Sun, 03 Jul 2022 16:03:54 GMT
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_rexLo99v/
21 KB
3 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_rexLo99v/v2?platform=Desktop
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
386fdc063748f08acf965b57f33d9a1aae61ca6750f987cb7049cdc6716249eb

Request headers

x-guid
null
x-post-id
entry_19587
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8
x-spot-id
sp_rexLo99v
x-spotim-page-view-id
11d1c77f-84ec-470a-be01-269fce580333
Referer
https://www.refinery29.com/
x-access-token
undefined

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.refinery29.com
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
content-length
2652
x-request-id
1a04de1a-db4f-11eb-adc7-56e7ae921015
access-control-expose-headers
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/
0
0
Fetch
General
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA2-C1
content-length
20
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
x-amz-cf-id
HBfW3ZIL0B-vg-CcjBItftk4ISvudvIX_5NCtq5VTSoiuVj3Guoqnw==
expires
Sun, 03 Jul 2022 16:03:54 GMT
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
device_load
events-collector.spot.im/api/v1/
36 B
478 B
Fetch
General
Full URL
https://events-collector.spot.im/api/v1/device_load
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.165 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
0d786c19ebcad5db8fa1786cd02c41cde0f76cd421eb4569b714ca9a286f1db2

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:54 GMT
server
fasthttp
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.refinery29.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
36
expires
Fri, 02 Jul 2021 16:03:54 GMT
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
get
odb.outbrain.com/utils/
47 KB
17 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&idx=0&rand=10694&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=250&py=3320&vpd=2120&cw=720&ts=1625241834091&settings=true&recs=true&version=2000374&sig=4s8Z3ikq&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&wdr-natlaz=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6a66f950e222c9678ddcd06a8bd62cb881de35d2d7e54ff7112e03b363ba9228

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, HHN, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.75.60
x-cache-hits
0, 0
x-traceid
453b5490fce69e789f82b1563ed12fa8
content-encoding
gzip
content-length
16648
x-served-by
cache-mdw17360-MDW, cache-hhn4052-HHN
x-timer
S1625241834.149178,VS0,VE345
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
conversation.svg
static-cdn.spot.im/production/launcher/tags/v2.56.3/launcher/
3 KB
1 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v2.56.3/launcher/conversation.svg
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120::211:7b51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da47d25bde260aaac30fba5ce9ff1ccd5b62b15e3884f1fc40d4d5c5222b8740

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JqiCpxHbZ.6eQ5BU8NvPezQs57FjRD_9
content-encoding
gzip
last-modified
Sun, 27 Jun 2021 12:14:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK51-C1
etag
W/"6426c2417d4edd062cad1e3e46e94b29"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
date
Fri, 02 Jul 2021 16:03:54 GMT
content-length
704
x-amz-cf-id
yu93xrOD10K9-JGQAAgJWp56IN3VmHi5cgP-tNOWLhirxy-t7Ws1CA==
expires
Sun, 03 Jul 2022 16:03:54 GMT
entry$19587
api-2-0.spot.im/v1.0.0/config/ab_test/sp_rexLo99v/
103 B
826 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_rexLo99v/entry$19587
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
aa53c157bec914c2021681efef78d3dca872c70fce23c2349a804543ba03aa81

Request headers

Accept
application/json
Referer
https://www.refinery29.com/
x-spotim-page-view-id
11d1c77f-84ec-470a-be01-269fce580333
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-spotim-device-uuid
ec908d58-f622-4a86-95a3-6d893c30db9f

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.refinery29.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
content-length
103
x-request-id
1a058b21-db4f-11eb-8cc8-ee44ff3d9a3d
entry$19587
api-2-0.spot.im/v1.0.0/config/ab_test/sp_rexLo99v/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_rexLo99v/entry$19587
Protocol
H2
Server
23.55.161.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://www.refinery29.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
date
Fri, 02 Jul 2021 16:03:54 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
last-modified
Thu, 10 Jun 2021 10:07:44 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1623321643.048214"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 01 Aug 2021 16:03:54 GMT
fd5985060b2f428e5ce00dd7d97fd37d.woff2
www.refinery29.com/assets/
18 KB
18 KB
Font
General
Full URL
https://www.refinery29.com/assets/fd5985060b2f428e5ce00dd7d97fd37d.woff2
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cdca62769b403ef70d7ffb1cf302036c91a633fb5673a3bfcb9a83c74cac465b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.refinery29.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_pbjs_userid_consent_data=3524755945110770
:path
/assets/fd5985060b2f428e5ce00dd7d97fd37d.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.refinery29.com
referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.refinery29.com
Referer
https://www.refinery29.com/assets/styles.883f3d0a3f933cc04287.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-geoip-country-code
BE
x-backend
157.52.99.57
age
1456847
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-geolocation
BE
content-length
17920
x-xss-protection
1; mode=block
x-served-by
cache-bwi5157-BWI, cache-hhn4041-HHN
last-modified
Thu, 03 Jun 2021 16:48:15 GMT
x-timer
S1625241835.539007,VS0,VE0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
cache-control
max-age=31536000, public, immutable, stale-while-revalidate=86400
set-cookie
X-GeoIP-Country-Code=BE; path=/; X-GeoIP-Region-Code=VAN; path=/;
accept-ranges
bytes
x-country-code
BE
x-cache-hits
1, 5
l
mcdp-chidc2.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-chidc2.outbrain.com/l?token=583e3ff4d160f4a2f8225097519831d3_39878_1625241834424&tm=736&eT=0&widgetWidth=720&widgetHeight=502&widgetX=250&widgetY=3406&tpcs=0&wRV=2000374&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&cheq=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.159 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 02 Jul 2021 16:03:54 GMT
content-encoding
gzip
X-TraceId
63b3b1378a640e203433b59191f5516a
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame F260
16 KB
6 KB
Document
General
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
865893b1a8f102f54903e3276785626b28a9ab81e96d8b7417520134b0e1f34d

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"983cbd9c9c474d7db77dbfc514fc2001:1625126599.142533"
last-modified
Thu, 01 Jul 2021 07:58:23 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Sat, 03 Jul 2021 16:03:54 GMT
date
Fri, 02 Jul 2021 16:03:54 GMT
content-length
5500
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1625241834~rv=98~id=8c6ded4fda9aeabd2139b956f955de3f; path=/; Expires=Fri, 02 Jul 2021 16:03:54 GMT; Secure; SameSite=None
eyJpdSI6ImE5MDQ3YjdlMjBmZGM0OTU4NTI0Y2NlMGIzMjhmMzVjZGE5YzJjZTI3YTU4Y2VmOGQ3NDE5ZWIzOTA2NWY2YjgiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/
8 KB
8 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE5MDQ3YjdlMjBmZGM0OTU4NTI0Y2NlMGIzMjhmMzVjZGE5YzJjZTI3YTU4Y2VmOGQ3NDE5ZWIzOTA2NWY2YjgiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.110.34 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
d667eb2aa3572d7e9ab137db2eb4d37f07fabe1f4a0e8e3be3cd1d630ddc31a9

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
cache-control
max-age=2462400
last-modified
Wed, 23 Jun 2021 12:06:42 GMT
x-traceid
fe318f0fbef9e8833a884a1a4a7a42f9
timing-allow-origin
*
content-length
8232
content-type
image/webp
eyJpdSI6IjBkZWE2NGRmNjgyMGQzOGJlNjg0NzdmNzc1N2VkZmVjOTMzZmVhM2E5MmVmNDhjMzY5ZDIzZjJjNzI2MDhmNWQiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/
8 KB
8 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBkZWE2NGRmNjgyMGQzOGJlNjg0NzdmNzc1N2VkZmVjOTMzZmVhM2E5MmVmNDhjMzY5ZDIzZjJjNzI2MDhmNWQiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.110.34 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
68e7df26059086d9272d508faf4c81a7bf36e9919eaf7ece231e3dcca8200697

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
cache-control
max-age=2043999
last-modified
Tue, 08 Jun 2021 14:19:05 GMT
x-traceid
f95073b3657d348fed0ff86f162e7681
timing-allow-origin
*
content-length
7940
content-type
image/webp
eyJpdSI6ImI2MzUwM2NjYjAyNGVhMTZkNWU0NTBmYWQ3NGI0MTRkMjYxZTNlM2JmMTMxZGM1YTYwMmM5OTE1NTc1MDYxMWMiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/
8 KB
8 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI2MzUwM2NjYjAyNGVhMTZkNWU0NTBmYWQ3NGI0MTRkMjYxZTNlM2JmMTMxZGM1YTYwMmM5OTE1NTc1MDYxMWMiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.110.34 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
bfa312138adeb8f6b77482996407875374b6fd277b673f2dd2b65848833b63d1

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
cache-control
max-age=1683916
last-modified
Tue, 25 May 2021 12:32:38 GMT
x-traceid
155346f7abc825d3873b1aabb999a9d0
timing-allow-origin
*
content-length
8178
content-type
image/webp
eyJpdSI6IjViNjhmZGY5MmI4M2IxYWUyYzYzMTk4NTAwMjU1YTUwZTU0MGJlY2IyYTYxZGRjM2NmOTIyMDc2MDgyMTU3YTYiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/
4 KB
4 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjViNjhmZGY5MmI4M2IxYWUyYzYzMTk4NTAwMjU1YTUwZTU0MGJlY2IyYTYxZGRjM2NmOTIyMDc2MDgyMTU3YTYiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.110.34 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
e96512295b6e834f5387435cffa346e7af51a41748daa6ce8cffb9b4eda3b2f4

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
cache-control
max-age=2197383
last-modified
Tue, 08 Jun 2021 07:35:30 GMT
x-traceid
bffb515f4e988e26dfa90bf4b06c13ad
timing-allow-origin
*
content-length
4298
content-type
image/webp
eyJpdSI6IjU2ZjIzZTg0N2FlZmE5YmRjMDA0NjlmMDJkMjQ2MDE3NWIyMWI1NTFiMDc1YzMwOWE0NjU0NDk0MWU5OTAxY2YiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/
12 KB
12 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU2ZjIzZTg0N2FlZmE5YmRjMDA0NjlmMDJkMjQ2MDE3NWIyMWI1NTFiMDc1YzMwOWE0NjU0NDk0MWU5OTAxY2YiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.110.34 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
7ec932d1b3ac045e6357a42ff0c7b392bc561d6b7cfcc4dbf1eb6ec6df1468ec

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
cache-control
max-age=2420587
last-modified
Fri, 18 Jun 2021 11:50:05 GMT
x-traceid
86df9c5fdd6ba5c4206e1cd2c36065af
timing-allow-origin
*
content-length
12014
content-type
image/webp
eyJpdSI6IjIzZGI0NmFkOWNiMGEwZmMzYzE4MWRiMzE5NTgzNTZkYmYzYmI5MmY5ZmEzNmFkMDE5MjliYzFiZWM4ZTZkNDUiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/
4 KB
4 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjIzZGI0NmFkOWNiMGEwZmMzYzE4MWRiMzE5NTgzNTZkYmYzYmI5MmY5ZmEzNmFkMDE5MjliYzFiZWM4ZTZkNDUiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.110.34 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
a896b014e6a8de2dae8b9f1153f0e53e9a53bd8205bf04dc4b21bfe49dcd8348

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
cache-control
max-age=2462342
last-modified
Sat, 19 Jun 2021 16:30:45 GMT
x-traceid
447174dcfa64bb96cfd76a67f4364aa4
timing-allow-origin
*
content-length
3924
content-type
image/webp
eyJpdSI6IjM0OGYzZWEwYWQ1N2U2NWM2MjQ4NzcyNjYyYzljNDM0MjBlMWQyMmE0OTU0NzdkYjEyOWFlMzAyOGRjYTVmZTMiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/
12 KB
12 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM0OGYzZWEwYWQ1N2U2NWM2MjQ4NzcyNjYyYzljNDM0MjBlMWQyMmE0OTU0NzdkYjEyOWFlMzAyOGRjYTVmZTMiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.110.34 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
f32287d6bb73f9b8f40dd963a4705ee1eac7bdb7a8a1a7bd366ca72bbf51a947

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
cache-control
max-age=2462400
last-modified
Thu, 24 Jun 2021 14:10:50 GMT
x-traceid
3aea6cd1ba5648f2adf9f7bf95035880
timing-allow-origin
*
content-length
12276
content-type
image/webp
eyJpdSI6ImY1ZDk5NThmMjA3ZWJiY2ExZmUzYjZjMDg3YTZkMGYwOWI3MGJlMTNmMWE3ZjYyODY4YzI5Mzc2ODQyOTNlMjIiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/
10 KB
10 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY1ZDk5NThmMjA3ZWJiY2ExZmUzYjZjMDg3YTZkMGYwOWI3MGJlMTNmMWE3ZjYyODY4YzI5Mzc2ODQyOTNlMjIiLCJ3IjoxNDQsImgiOjgxLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.110.34 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
3d33b1b84625f1197da654f3c71c2ea6ab2e9af51df73c9ac24f77ffb548234c

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
cache-control
max-age=2299558
last-modified
Sun, 06 Jun 2021 18:25:58 GMT
x-traceid
c04732a9f1f31cc469245b5851655e96
timing-allow-origin
*
content-length
9966
content-type
image/webp
beacon.js
sb.scorecardresearch.com/ Frame F260
1 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:02:07 GMT
via
1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
578
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
-_RWpBh1s_NJ3xP3a1GNsEywjkB0hH78vrV9nOuUT6CENy1pJbWBEg==
b2
sb.scorecardresearch.com/ Frame F260
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=39878&cs_ucfr=1&ns__t=1625241834857&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2Fo...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=39878&cs_ucfr=1&ns__t=1625241834857&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2F...
64 B
329 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=39878&cs_ucfr=1&ns__t=1625241834857&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D39878%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DBE&c9=https%3A%2F%2Fwww.refinery29.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
via
1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
VEGOheA7D2p75OrsYVFVJkwd5NWqGHmLacZbW29-UAPsH_GUK5Bviw==

Redirect headers

date
Fri, 02 Jul 2021 16:03:54 GMT
via
1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=39878&cs_ucfr=1&ns__t=1625241834857&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D39878%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DBE&c9=https%3A%2F%2Fwww.refinery29.com%2F
content-length
444
x-amz-cf-id
OkdzBhkYhtfwhFqbCu15bHrcvAtLsGiJh9xYgmBCf0N_4ghMO5Rr3Q==
brownstd-regular.woff2
www.refinery29.com/assets/fonts/brown/regular/
25 KB
26 KB
Font
General
Full URL
https://www.refinery29.com/assets/fonts/brown/regular/brownstd-regular.woff2
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
18de2f92c4cd97aaf4b2a950859995b681f1b24fad046e04fac3f16ddcd7dc28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.refinery29.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_pbjs_userid_consent_data=3524755945110770; X-GeoIP-Country-Code=BE; X-GeoIP-Region-Code=VAN; spotim_visitId={%22visitId%22:%22ec908d58-f622-4a86-95a3-6d893c30db9f%22%2C%22creationDate%22:%222021-07-02T16:03:55.103Z%22%2C%22duration%22:0}
:path
/assets/fonts/brown/regular/brownstd-regular.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.refinery29.com
referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.refinery29.com
Referer
https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-geoip-country-code
BE
x-backend
157.52.99.55
age
480
x-geoip-region-code
VAN
x-cache
HIT, HIT
x-ua-device
desktop
x-geolocation
BE
content-length
25964
x-xss-protection
1; mode=block
x-served-by
cache-bwi5155-BWI, cache-hhn4041-HHN
last-modified
Thu, 24 Jun 2021 17:36:14 GMT
x-timer
S1625241835.131263,VS0,VE1
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
cache-control
public, max-age=0
accept-ranges
bytes
x-country-code
BE
x-cache-hits
3, 1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 87C1
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68853
expires
Sat, 03 Jul 2021 11:11:28 GMT
date
Fri, 02 Jul 2021 16:03:55 GMT
vary
Accept-Encoding
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=3977922899535124467
86 B
526 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=3977922899535124467
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:55 GMT
X-Proxy-Origin
82.102.19.100; 82.102.19.100; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b8853752-f6ce-41c5-b19d-bb821df0288b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=3977922899535124467
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=211945
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=1a2c3bf5-db4f-11eb-86d4-141484330206
0
588 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=1a2c3bf5-db4f-11eb-86d4-141484330206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Fri, 02 Jul 2021 16:03:55 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
88
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Server
nginx
Location
/partner?source=211945&__user_check__=1&sync_id=1a2c3bf5-db4f-11eb-86d4-141484330206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
2
Connection
keep-alive
Content-Length
0
csync
sync.spotim.market/
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP1a1e88f5-db4f-11eb-b06d-02c5fc9f2ed0
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP1a1e88f5-db4f-11eb-b06d-02c5fc9f2ed0&verify=true
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-YVCXcLNE2uEtxg.M8LYrVnBnKJXG_qeA~A~UP1a1e88f5-db4f-11eb-b06d-02c5fc9f2ed0
86 B
582 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-YVCXcLNE2uEtxg.M8LYrVnBnKJXG_qeA~A~UP1a1e88f5-db4f-11eb-b06d-02c5fc9f2ed0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-YVCXcLNE2uEtxg.M8LYrVnBnKJXG_qeA~A~UP1a1e88f5-db4f-11eb-b06d-02c5fc9f2ed0
Connection
keep-alive
Content-Length
0
/
sync.spotim.market/csync/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=1a2c3bc1-db4f...
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306
86 B
543 B
Image
General
Full URL
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Server
nginx
Location
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
26
Connection
keep-alive
Content-Length
0
710530.gif
di.rlcdn.com/
0
66 B
Image
General
Full URL
https://di.rlcdn.com/710530.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
via
1.1 google
alt-svc
clear
content-length
0
vendors-main-chunk.js
static-cdn.spot.im/production/ads/tags/v17.2.1/ads/
11 KB
3 KB
Script
General
Full URL
https://static-cdn.spot.im/production/ads/tags/v17.2.1/ads/vendors-main-chunk.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120::211:7b51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
f0874ea51afc495bd55879a45362a95ff94657385504fa197315e23e63984c8d

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
3238
expires
Sun, 03 Jul 2022 16:03:55 GMT
main-chunk.js
static-cdn.spot.im/production/ads/tags/v17.2.1/ads/
8 KB
3 KB
Script
General
Full URL
https://static-cdn.spot.im/production/ads/tags/v17.2.1/ads/main-chunk.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120::211:7b51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
0faf6a64fdd6aeae59afed501b534ae750c86c7598d7d253de20b81c44691368

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
3024
expires
Sun, 03 Jul 2022 16:03:55 GMT
ad-choises.png
publisher-assets.spot.im/yad/
4 KB
4 KB
Image
General
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
4191
x-amz-cf-id
SFldp4F3D8aBFuJdZMh92BRiziJpOYoD4XVBkdhjvOsP0k4M4wCkcA==
expires
Sun, 03 Jul 2022 16:03:55 GMT
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame E19C
11 KB
5 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:6a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dc4abcd99f7976c1a0938575631974c55fa42bf76681e84ca56aeea3180966e

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 15:45:29 GMT
content-encoding
br
last-modified
Sun, 20 Jun 2021 12:01:43 GMT
server
AmazonS3
age
1107
etag
W/"1f2e2e253216d7dc0988459b5390d3aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
E8tepMuZEI_lmCDKu37WY2.wC8UNRe39
via
1.1 f54d9ad301a95e7dcfde675e1cd5ba89.cloudfront.net (CloudFront)
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
dAAEet3-jn4zjUToxw0bPnFdWD4vmfWZGCNfzONGaB6L6jXSEda3vQ==
hb_270443_6630.js
player.spotim.market/prebidlink/451456/ Frame E19C
355 KB
111 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
17de803e6c4b0df36effa2d60567de1a5740276fa035a2b01e35329bcce8a049

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 16:28:45 GMT
server
nginx
etag
W/"60dc9bbd-58b85"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 02 Jul 2021 17:03:55 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E19C
69 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
5c587f4e5e9b4741fab6372d253712eb13503f65b0d66aab6e0fa93e29a93d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"918 / 706 of 1000 / last-modified: 1625224211"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24289
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:55 GMT
wrapper_hb_270443_6630.js
player.spotim.market/prebidlink/451456/ Frame E19C
136 KB
28 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/451456/wrapper_hb_270443_6630.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
daf8352e0e48c693f07bd1fa9dad6e342d69be4589c74ab7f1af0dc223715576

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 11:03:15 GMT
server
nginx
etag
W/"60def273-21e8e"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 02 Jul 2021 17:03:55 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
pubads_impl_2021063001.js
securepubads.g.doubleclick.net/gpt/ Frame E19C
329 KB
114 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
99e3d0a0f7b92b109c9c21035daef51486ff1ed73b5a3bdbe5b487e5619d8240
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 08:36:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117131
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:55 GMT
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame E19C
232 KB
70 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:6a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f081d2381987b06fd8bfc2b2cc7300833ae12e4377174c426d7e705e7f4f0b03

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 15:45:30 GMT
content-encoding
br
last-modified
Fri, 02 Jul 2021 15:28:32 GMT
server
AmazonS3
age
1106
etag
W/"08106a05ae289cc78c1439652706f766"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
uxfuGbJQCtAtkk_mLUhlidE0BGC0GWai
via
1.1 f54d9ad301a95e7dcfde675e1cd5ba89.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
AMS1-C1
content-type
text/javascript
x-amz-cf-id
ZC7s845mXBUBFcmd8tlUMamwxmP_qUr-lf45E9qLau782QmhW2x0ag==
PugMaster
image6.pubmatic.com/AdServer/ Frame 87C1
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72621169&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
26c185f19d8230984c32a2066cfd521426a34900832b9a490be48639ca6087dd

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:54 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
player.js
player.aniview.com/script/6.1/
25 KB
9 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v17.2.1/ads/main-chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
809b4c0685581f80e57351f1d4e5ae1baf7b672e97d5bfe8325baa350ddebfab

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxtQ_UV4srqBHa5yf7GqUI9Je-8YWMDPViekhFMknbEeHJSlm_UOo4kGABuLQ_w9AJaM4Nd_9TSrcWzD_wOZ9h_QCETpw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9069
last-modified
Wed, 23 Jun 2021 10:49:12 GMT
server
UploadServer
etag
"3aa0b5e9906503b555c459a088fa2cf3"
vary
Accept-Encoding
x-goog-hash
crc32c=UY/ntA==, md5=OqC16ZBlA7VVxFmgiPos8w==
content-language
en
access-control-allow-origin
*
x-goog-generation
1624445351928542
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9069
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 02 Jul 2021 16:08:55 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=5f8484a8cae1e34e567bdbdf&e=playerLoaded&cb=1625241835298&r=https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame E19C
232 KB
70 KB
Script
General
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/wrapper_hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:6a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b31a1724305381a819d63a0678dba1a69173cb34a30d30787ee7bb9ec0b78c3

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 15:45:29 GMT
content-encoding
br
last-modified
Fri, 02 Jul 2021 15:27:56 GMT
server
AmazonS3
age
1107
etag
W/"47334d2c36fca000c78ffba22ac326bd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
X9vZmDL0zkUN0C1Pzyu4IwFULwEsnDlC
via
1.1 f54d9ad301a95e7dcfde675e1cd5ba89.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
AMS1-C1
content-type
text/javascript
x-amz-cf-id
LwxBXPBqQmbNfpdUEjw8JTansvW10gfEFO_GktcRggFEsdGGiTUwGw==
sync.html
s.adtelligent.com/ Frame 3C6E
1 KB
920 B
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=572165
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
f7f50ceea4dcad83eea61dff325d95f0b850b87d8624192f5a4e503dfef3ff3c

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.refinery29.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

Server
VertaMedia 1.0
Date
Fri, 02 Jul 2021 16:03:55 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
634
Access-Control-Allow-Origin
https://www.refinery29.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
/
hb.spotim.market/geo/ Frame E19C
134 B
388 B
XHR
General
Full URL
https://hb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/wrapper_hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
9ebe6766cc19f184afe899ae9274e58cd6d18aa451a73940cc3056a9d6d3a196

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.refinery29.com
Date
Fri, 02 Jul 2021 16:03:54 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
134
Content-Type
application/json
tracking
hb.spotim.market/adunit/ Frame E19C
43 B
418 B
XHR
General
Full URL
https://hb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=6630&full_page_url=https%3A%2F%2Fwww.refinery29.com&adid=mj0y1g.an&vpbv=0801&lifecycle_tte=176
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/wrapper_hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.refinery29.com
Date
Fri, 02 Jul 2021 16:03:54 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
j.html
p.ytdeliver.com/prebidlink/18810/ Frame C324
1 KB
879 B
Document
General
Full URL
https://p.ytdeliver.com/prebidlink/18810/j.html?i=8201
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714

Request headers

:method
GET
:authority
p.ytdeliver.com
:scheme
https
:path
/prebidlink/18810/j.html?i=8201
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 16 Sep 2020 14:50:15 GMT
etag
W/"5f622627-434"
cache-control
max-age=3600
content-encoding
gzip
expires
Fri, 02 Jul 2021 17:03:55 GMT
access-control-allow-origin
*
match
c1.adform.net/serving/cookie/ Frame CAFE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=192EB506-0FDB-434D-843F-6C95D6ECF57F
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=192EB506-0FDB-434D-843F-6C95D6ECF57F
35 B
477 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=192EB506-0FDB-434D-843F-6C95D6ECF57F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=192EB506-0FDB-434D-843F-6C95D6ECF57F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5587202164527897308; expires=Tue, 31 Aug 2021 16:03:55 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Fri, 02 Jul 2021 16:03:55 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=192EB506-0FDB-434D-843F-6C95D6ECF57F
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Mon, 02 Aug 2021 16:03:55 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKGgwZPto8Fp7owNmgZvNPQ&google_cver=1
42 B
283 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKGgwZPto8Fp7owNmgZvNPQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:510
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKGgwZPto8Fp7owNmgZvNPQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 87C1
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 01 Jul 2021 16:03:55 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=951408994814211034
42 B
232 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=951408994814211034
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:507
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=951408994814211034
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame E4B8
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3541338219267285443
42 B
210 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3541338219267285443
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3541338219267285443
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=192EB506-0FDB-434D-843F-6C95D6ECF57F; chkChromeAb67Sec=1; DPSync3=1626393600%3A201_197_219%7C1625270400%3A174; SyncRTB3=1626393600%3A81_55_99_176_161_3_166_88_165_21_56_71_234_22_8_204_220_54_189_230_222_13_7%7C1625788800%3A2_15_67_223%7C1626480000%3A35%7C1626048000%3A63%7C1627776000%3A203; KRTBCOOKIE_1101=23040-6980360529432803473; PugT=1625241835; PUBMDCID=3; KRTBCOOKIE_409=22966-3rkDABSoVkUpFaNi2mnUXEzD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-3541338219267285443; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:55 GMT; path=/ PugT=1625241835; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:55 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:55 GMT; path=/
x-lat
lhrpug017:0:424
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3541338219267285443
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&gdpr=0&gdpr_consent=
42 B
486 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:495
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 02 Jul 2021 16:03:19 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 02 Jul 2021 16:03:18 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=823f8fa7-c618-4b4b-97f6-a31c58acde0d
42 B
293 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=823f8fa7-c618-4b4b-97f6-a31c58acde0d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:406
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=823f8fa7-c618-4b4b-97f6-a31c58acde0d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
usersync.aspx
dis.criteo.com/dis/ Frame 989D
43 B
338 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 02 Jul 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1214
date
Fri, 02 Jul 2021 16:03:54 GMT
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2144464562938829969&gdpr=0&gdpr_consent=
42 B
210 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2144464562938829969&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:452
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:55 GMT
X-Proxy-Origin
82.102.19.100; 82.102.19.100; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
de286413-9508-45dc-8c06-cc95df782018
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2144464562938829969&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QCaufkUur3pbI6h5F3TnfBcu_ylbJP4qQyRsmIWN
42 B
271 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QCaufkUur3pbI6h5F3TnfBcu_ylbJP4qQyRsmIWN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:511
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QCaufkUur3pbI6h5F3TnfBcu_ylbJP4qQyRsmIWN
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5217
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360529432803473
42 B
368 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360529432803473
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360529432803473
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=192EB506-0FDB-434D-843F-6C95D6ECF57F; chkChromeAb67Sec=1; DPSync3=1626393600%3A201_197_219%7C1625270400%3A174; SyncRTB3=1626393600%3A81_55_99_176_161_3_166_88_165_21_56_71_234_22_8_204_220_54_189_230_222_13_7%7C1625788800%3A2_15_67_223%7C1626480000%3A35%7C1626048000%3A63%7C1627776000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6980360529432803473; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:55 GMT; path=/ PugT=1625241835; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:55 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:55 GMT; path=/
x-lat
lhrpug013:0:388
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 02 Jul 2021 16:03:55 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6980360529432803473; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980360529432803473
adx
match.prod.bidr.io/cookie-sync/ Frame 1430
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEbk1rN0J2bklBQURaNk5JWkNUQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.13.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AADnMk7BvnIAADZ6NIZCTA; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Fri, 02 Jul 2021 16:03:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Fri, 02 Jul 2021 16:03:55 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
set-cookie
IDE=AHWqTUmMboTmvybuPFsqZQtluBhl_tYfUoCWmL1cLy6Vvmsmyj61KMjx15JjVqdmJgE; expires=Wed, 27-Jul-2022 16:03:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3ee99065-9305-4d2d-9ad4-a465882cccea&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
111 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3ee99065-9305-4d2d-9ad4-a465882cccea&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:436
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3ee99065-9305-4d2d-9ad4-a465882cccea&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 02 Jul 2021 16:03:55 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 80A0
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
93 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=192EB506-0FDB-434D-843F-6C95D6ECF57F; chkChromeAb67Sec=1; DPSync3=1626393600%3A201_197_219%7C1625270400%3A174; SyncRTB3=1626393600%3A81_55_99_176_161_3_166_88_165_21_56_71_234_22_8_204_220_54_189_230_222_13_7%7C1625788800%3A2_15_67_223%7C1626480000%3A35%7C1626048000%3A63%7C1627776000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug016:2:267
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=f6db4315-c4e2-4001-b301-6d4847f9b8ac; path=/; domain=csync.loopme.me; Expires=Mon, 02-Aug-2021 16:03:55 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Fri, 02 Jul 2021 16:03:55 GMT
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:472
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:54 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3641
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6684494320
  • https://sync.1rx.io/usersync/tradedesk/823f8fa7-c618-4b4b-97f6-a31c58acde0d
  • https://sync.targeting.unrulymedia.com/csync/RX-035f00be-755e-47f0-93a2-a937e68b276a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-035f00be-755e-47f0-93a2-a937e68b276a-003
42 B
270 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-035f00be-755e-47f0-93a2-a937e68b276a-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-035f00be-755e-47f0-93a2-a937e68b276a-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=192EB506-0FDB-434D-843F-6C95D6ECF57F; chkChromeAb67Sec=1; DPSync3=1626393600%3A201_197_219%7C1625270400%3A174; SyncRTB3=1626393600%3A81_55_99_176_161_3_166_88_165_21_56_71_234_22_8_204_220_54_189_230_222_13_7%7C1625788800%3A2_15_67_223%7C1626480000%3A35%7C1626048000%3A63%7C1627776000%3A203; KRTBCOOKIE_1101=23040-6980360529432803473; PugT=1625241835; PUBMDCID=3; KRTBCOOKIE_409=22966-3rkDABSoVkUpFaNi2mnUXEzD; KRTBCOOKIE_153=19420-QCaufkUur3pbI6h5F3TnfBcu_ylbJP4qQyRsmIWN&KRTB&22979-QCaufkUur3pbI6h5F3TnfBcu_ylbJP4qQyRsmIWN; KRTBCOOKIE_27=16735-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&KRTB&16736-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&KRTB&23019-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&KRTB&23114-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e; KRTBCOOKIE_1074=22956-e_6a2a9a53-17eb-4f54-a151-eb0298946e7b; KRTBCOOKIE_336=5844-3541338219267285443; KRTBCOOKIE_391=22924-951408994814211034&KRTB&23263-951408994814211034; KRTBCOOKIE_377=6810-823f8fa7-c618-4b4b-97f6-a31c58acde0d&KRTB&22918-823f8fa7-c618-4b4b-97f6-a31c58acde0d&KRTB&23031-823f8fa7-c618-4b4b-97f6-a31c58acde0d; KRTBCOOKIE_57=22776-2144464562938829969; KRTBCOOKIE_80=22987-CAESEKGgwZPto8Fp7owNmgZvNPQ&KRTB&16514-CAESEKGgwZPto8Fp7owNmgZvNPQ&KRTB&23025-CAESEKGgwZPto8Fp7owNmgZvNPQ; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_22=14911-6950569829880617825; SPugT=1625229014
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-035f00be-755e-47f0-93a2-a937e68b276a-003&KRTB&17107-RX-035f00be-755e-47f0-93a2-a937e68b276a-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:55 GMT; path=/ PugT=1625241835; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:55 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:55 GMT; path=/
x-lat
lhrpug013:0:679
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-035f00be-755e-47f0-93a2-a937e68b276a-003%22%7D; path=/; expires=Sat, 02 Jul 2022 16:03:55 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-035f00be-755e-47f0-93a2-a937e68b276a-003
etag
RX035f00be755e47f093a2a937e68b276a003
dpe
ad4m.at/ad/ Frame 0DF5
42 B
130 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c035 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66891b5f1f5fd6f1-FRA
Pug
image2.pubmatic.com/AdServer/ Frame 3CB8
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
42 B
372 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=192EB506-0FDB-434D-843F-6C95D6ECF57F; chkChromeAb67Sec=1; DPSync3=1626393600%3A201_197_219%7C1625270400%3A174; SyncRTB3=1626393600%3A81_55_99_176_161_3_166_88_165_21_56_71_234_22_8_204_220_54_189_230_222_13_7%7C1625788800%3A2_15_67_223%7C1626480000%3A35%7C1626048000%3A63%7C1627776000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-3rkDABSoVkUpFaNi2mnUXEzD; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:55 GMT; path=/ PugT=1625241835; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 16:03:55 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:55 GMT; path=/
x-lat
lhrpug001:0:445
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 02 Jul 2021 16:03:55 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=3rkDABSoVkUpFaNi2mnUXEzD; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=3rkDABSoVkUpFaNi2mnUXEzD
strict-transport-security
max-age=0; includeSubDomains;
Pug
simage2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2144464562938829969
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2144464562938829969
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:410
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:55 GMT
X-Proxy-Origin
82.102.19.100; 82.102.19.100; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e434368e-14a2-47c9-ad71-0c0582307813
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2144464562938829969
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bridge
cm.adgrx.com/ Frame 84CB
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 83E1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
396 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a8noeUw5EGMAaINWhWhdNB3WZa60ET2IsEYhbi7BK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=amnseFy4ZawEBA9MAJP7fZbFBCvRfvNXLVy3MGFgQc6b3LMZbtKwW2qybyhZaSA8gIeKQqVRj00sK6YXBlZcQwRSN; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 16:03:55 GMT; SameSite=None; Secure; ANON_ID_old=amnseFy4ZawEBA9MAJP7fZbFBCvRfvNXLVy3MGFgQc6b3LMZbtKwW2qybyhZaSA8gIeKQqVRj00sK6YXBlZcQwRSN; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 16:03:55 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66891b604f79dfe3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
565
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a8noeUw5EGMAaINWhWhdNB3WZa60ET2IsEYhbi7BK; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 16:03:55 GMT; SameSite=None; Secure; ANON_ID_old=a8noeUw5EGMAaINWhWhdNB3WZa60ET2IsEYhbi7BK; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 16:03:55 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66891b5f2d36dfe3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_6a2a9a53-17eb-4f54-a151-eb0298946e7b
42 B
224 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_6a2a9a53-17eb-4f54-a151-eb0298946e7b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:451
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_6a2a9a53-17eb-4f54-a151-eb0298946e7b
date
Fri, 02 Jul 2021 16:03:55 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame 09DD
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Wrsft94G7WPx&pid=557219
1 B
87 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Wrsft94G7WPx&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Wrsft94G7WPx&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=192EB506-0FDB-434D-843F-6C95D6ECF57F; chkChromeAb67Sec=1; DPSync3=1626393600%3A201_197_219%7C1625270400%3A174; SyncRTB3=1626393600%3A81_55_99_176_161_3_166_88_165_21_56_71_234_22_8_204_220_54_189_230_222_13_7%7C1625788800%3A2_15_67_223%7C1626480000%3A35%7C1626048000%3A63%7C1627776000%3A203; KRTBCOOKIE_1101=23040-6980360529432803473; PugT=1625241835; PUBMDCID=3; KRTBCOOKIE_409=22966-3rkDABSoVkUpFaNi2mnUXEzD; KRTBCOOKIE_153=19420-QCaufkUur3pbI6h5F3TnfBcu_ylbJP4qQyRsmIWN&KRTB&22979-QCaufkUur3pbI6h5F3TnfBcu_ylbJP4qQyRsmIWN; KRTBCOOKIE_27=16735-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&KRTB&16736-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&KRTB&23019-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&KRTB&23114-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e; KRTBCOOKIE_1074=22956-e_6a2a9a53-17eb-4f54-a151-eb0298946e7b; KRTBCOOKIE_336=5844-3541338219267285443
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 16:03:55 GMT; path=/
x-lat
lhrpug018:0:380
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-8474b759f8-wqn2q
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Wrsft94G7WPx&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=df4636400866c328; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame C78E
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ff589604-da6b-4efa-846c-b48544e6cc32-tuct7d8be6b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
76 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ff589604-da6b-4efa-846c-b48544e6cc32-tuct7d8be6b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ff589604-da6b-4efa-846c-b48544e6cc32-tuct7d8be6b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=ff589604-da6b-4efa-846c-b48544e6cc32-tuct7d8be6b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 02 Jul 2021 16:03:55 GMT
via
1.1 varnish
x-served-by
cache-hhn11530-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1625241835.413326,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=ff589604-da6b-4efa-846c-b48544e6cc32-tuct7d8be6b;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 02-Jul-2022 16:03:55 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ff589604-da6b-4efa-846c-b48544e6cc32-tuct7d8be6b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 02 Jul 2021 16:03:55 GMT
via
1.1 varnish
x-served-by
cache-fra19141-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1625241835.389085,VS0,VE9
x-vcl-time-ms
9
content-length
0
Cookie set csync
sync.spotim.market/ Frame E957
86 B
543 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=192EB506-0FDB-434D-843F-6C95D6ECF57F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.spotim.market
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
VertaMedia 1.0
Date
Fri, 02 Jul 2021 16:03:55 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=3c86bfcc0b9b7450; expires=Thu, 02 Sep 2021 16:03:55 GMT; domain=.spotim.market; path=/; secure; SameSite=None a281178=192EB506-0FDB-434D-843F-6C95D6ECF57F; expires=Thu, 02 Sep 2021 16:03:55 GMT; domain=.spotim.market; path=/; secure; SameSite=None
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 87C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GS61Bg_bQ02EP2yV1uz1fw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=68853
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 03 Jul 2021 11:11:28 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e52960df-38eb-4a00-95db-9625d3a2bf1e
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e52960df-38eb-4a00-95db-9625d3a2bf1e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 12:29:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 02 Jul 2021 16:03:19 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e52960df-38eb-4a00-95db-9625d3a2bf1e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 02 Jul 2021 16:03:18 GMT
mw
mwzeom.zeotap.com/ Frame 87C1
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=192EB506-0FDB-434D-843F-6C95D6ECF57F
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=8aebff32ac92360e7c9ab4865644fb9e
  • https://spl.zeotap.com/?zdid=1332&zcluid=c1ea65bbb22ac0fe
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d7ef4d51-34a1-4d6e-579e-3bc47f95603a&reqId=8f2a2bc9-4cea-4121-7679-aefcc3a79d38&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEPOB52EpI8VfDnynxaP-_9c&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d7ef4d51-34a1-4d6e-579e-3bc47f95603a&reqId=8f2a2bc9-4cea-4121-7679-aef...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEPOB52EpI8VfDnynxaP-_9c&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d7ef4d51-34a1-4d6e-579e-3bc47f95603a&reqId=8f2a2bc9-4cea-4121-7679-aefcc3a79d38&zcluid=c1ea65bbb22ac0fe&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
66891b6129b516ea-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEPOB52EpI8VfDnynxaP-_9c&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d7ef4d51-34a1-4d6e-579e-3bc47f95603a&reqId=8f2a2bc9-4cea-4121-7679-aefcc3a79d38&zcluid=c1ea65bbb22ac0fe&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTkyRUI1MDYtMEZEQi00MzRELTg0M0YtNkM5NUQ2RUNGNTdG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:392
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
192EB506-0FDB-434D-843F-6C95D6ECF57F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 87C1
43 B
702 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/192EB506-0FDB-434D-843F-6C95D6ECF57F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=192EB506-0FDB-434D-843F-6C95D6ECF57F&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YafBeklE2uV6QY_.OZXED187QW4wqS0-~A&gdpr=0&gdpr_consent=
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YafBeklE2uV6QY_.OZXED187QW4wqS0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 12:30:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YafBeklE2uV6QY_.OZXED187QW4wqS0-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN846wACLYcDBwBg&gdpr=0&gdpr_consent=&_test=YN846wACLYcDBwBg
1 B
237 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN846wACLYcDBwBg&gdpr=0&gdpr_consent=&_test=YN846wACLYcDBwBg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:411
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1625241836.636753,VS0,VE0
x-served-by
cache-fra19146-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN846wACLYcDBwBg&gdpr=0&gdpr_consent=&_test=YN846wACLYcDBwBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d428f45f-a10f-43a8-b785-1a168448b744&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=302c5313-e773-454b-af56-c094c9ff95de&expires=1&user_group=5&ssp=pubmatic&bsw_param=d428f45f-a10f-43a8-b785-1a168448b744
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d428f45f-a10f-43a8-b785-1a168448b744&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d428f45f-a10f-43a8-b785-1a168448b744&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:559
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d428f45f-a10f-43a8-b785-1a168448b744&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 87C1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6950569829880617825&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6950569829880617825&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:475
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6950569829880617825&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 02 Jul 2021 16:03:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 87C1
0
103 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=192EB506-0FDB-434D-843F-6C95D6ECF57F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
AVmanager.js
player.aniview.com/script/6.1/ Frame 9FE8
340 KB
97 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
319cd584d0eafd2b782b2fcd8919d64b7a57286abb0be4dbb7e5b725ce235ef3

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwTNI0an_DGLQMYS_SwESsQydFP9ZHijkwIsdr16wjQ-s5BDeHI_xFe91LnSla2eIMTRulwXiwslzsL-MseAzE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
98488
last-modified
Wed, 23 Jun 2021 10:48:36 GMT
server
UploadServer
etag
"bce4cecf47b100649e3194bf47af330f"
vary
Accept-Encoding
x-goog-hash
crc32c=yl+Wtg==, md5=vOTOz0exAGSeMZS/R68zDw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1624445316505787
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
98488
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 02 Jul 2021 16:08:55 GMT
config.json
player.adtelligent.com/exchange_rates/279896/ Frame E19C
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.refinery29.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a4639b045699fb4568c1f9b6e7f2fb727c6533d22d337d3e13027934ca020d68

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 12:01:09 GMT
server
nginx
etag
W/"60df0005-85c"
content-type
application/json
access-control-allow-origin
https://www.refinery29.com
expires
Fri, 02 Jul 2021 17:03:55 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.refinery29.com&sn=&cd1=sp_rexLo99v&cd2=Desktop&cd3=reactions&cd4=11d1c77f-84ec-470a-be01-269fce580333&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&ic=0&tgt=0&app=&wi=400&he=300&test=&apppkg=&fv=3&proto=https&pid=5e0e296628a061270b21ccab&cid=5f8484a8cae1e34e567bdbdf&stagid=&stplid=&e=inventory&vi=0&cb=1625241835467
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pbm_307825_8201.js
p.ytdeliver.com/prebidlink/18810/ Frame C324
34 KB
13 KB
Script
General
Full URL
https://p.ytdeliver.com/prebidlink/18810/pbm_307825_8201.js
Requested by
Host: p.ytdeliver.com
URL: https://p.ytdeliver.com/prebidlink/18810/j.html?i=8201
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
00360bf7da5877d4987d9eb767ecf8d4093abcf131489f924c181a5edccea89c

Request headers

Referer
https://p.ytdeliver.com/prebidlink/18810/j.html?i=8201
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 09:59:50 GMT
server
nginx
etag
W/"60dee396-884a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Fri, 02 Jul 2021 17:03:55 GMT
/
go1.aniview.com/api/adserver/tag/
6 KB
2 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_rexLo99v&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_rexLo99v%2C1%2C%2C%2C&AV_CDIM4=11d1c77f-84ec-470a-be01-269fce580333&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f8484a8cae1e34e567bdbdf&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.refinery29.com&AV_DADPOS=3&v=6.1.1.243&avtoken=835466&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1625241835496
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.241.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b3108e183126c0f649bd0c5e1c5dc852fc11de1e1fecdd7d2007d708c09834ee

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:56 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.refinery29.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 21 Jun 2021 02:17:16 GMT
csync
sync.adtelligent.com/ Frame 3C6E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
86 B
521 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=572165
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:54 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
tracking
ghb.adtelligent.com/adunit/ Frame C324
43 B
417 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/tracking?pubbid=0&event=11&full_page_url=https%3A%2F%2Fwww.refinery29.com&adid=1a4975bb2d3949&vpbv=M053&client_id=307825&site_id=8201&lifecycle_tte=166
Requested by
Host: p.ytdeliver.com
URL: https://p.ytdeliver.com/prebidlink/18810/pbm_307825_8201.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://p.ytdeliver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.ytdeliver.com
Date
Fri, 02 Jul 2021 16:03:55 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
csyncs
hb.spotim.market/ Frame E19C
886 B
704 B
XHR
General
Full URL
https://hb.spotim.market/csyncs?aid1=537181&aid2=572165&aid3=573838&aid4=605039&aid5=623328
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/wrapper_hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
71b6b6ac60e26eb01b3e6aa32331a5d76b3dc489f00dea6f0b7a2e0fed776fde

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:54 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.refinery29.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
411
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.refinery29.com%2F&domain=www.refinery29.com&cw=1&lsw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.refinery29.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1375
date
Fri, 02 Jul 2021 16:03:54 GMT
content-encoding
gzip
vary
Accept-Encoding
prebid
prebid.deepintent.com/ Frame
0
0
Preflight
General
Full URL
https://prebid.deepintent.com/prebid
Protocol
H2
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.refinery29.com
vary
Origin,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 02 Jul 2021 16:03:55 GMT
server
a
rtb
trends.revcontent.com/ Frame
0
0
Preflight
General
Full URL
https://trends.revcontent.com/rtb?apiKey=b7b594eb3a542d84f1718555eb51303d1083ca46&userId=152441
Protocol
H2
Server
34.249.31.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
content-type
text/plain
content-length
13
server
Grizzly/2.4.4
allow
POST,OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
sid
mug.criteo.com/ Frame E19C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.refinery29.com%2F&domain=www.refinery29.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=HFaFt3x6VlkvbmdDR0txaFBBSU8ydGFZSlc3aVFqMlNsR2U5UVFBdm1nUCs5NzFKanM5aCthNERWdk55dE5NY3RSNG9yTWxiS2hCaU11NnZhR2VvZmJ4SERoOTZzbzNnN1dPN3ovU0pOb3UxT0U4YWlMOUdMM3oyamgvZX...
347 B
603 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=HFaFt3x6VlkvbmdDR0txaFBBSU8ydGFZSlc3aVFqMlNsR2U5UVFBdm1nUCs5NzFKanM5aCthNERWdk55dE5NY3RSNG9yTWxiS2hCaU11NnZhR2VvZmJ4SERoOTZzbzNnN1dPN3ovU0pOb3UxT0U4YWlMOUdMM3oyamgvZXNJOHVRdHgwdnVpaFFwMVpVQnZ1M0FKenh4OTBjbHlLend2UEJFeUlGSndZbUhBNUozbXYyeU1VNTNOY1lDS0EzWldleXRSMWdERUdLZzJIaEI2Y2NFdmJEakpNOVJ4NE9XMldiREY5aGhQU1ZLblhBOVpyTUo2cDVNM1BBSkRTYTNZTDludXJ0fA&cppv=2
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
bc07b0934a07ee3d0f7ceeacf93e5f6c838786907fe831316f85b63a3a66be6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 02 Jul 2021 16:03:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2058
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 02 Jul 2021 16:03:55 GMT
location
https://mug.criteo.com/sid?cpp=HFaFt3x6VlkvbmdDR0txaFBBSU8ydGFZSlc3aVFqMlNsR2U5UVFBdm1nUCs5NzFKanM5aCthNERWdk55dE5NY3RSNG9yTWxiS2hCaU11NnZhR2VvZmJ4SERoOTZzbzNnN1dPN3ovU0pOb3UxT0U4YWlMOUdMM3oyamgvZXNJOHVRdHgwdnVpaFFwMVpVQnZ1M0FKenh4OTBjbHlLend2UEJFeUlGSndZbUhBNUozbXYyeU1VNTNOY1lDS0EzWldleXRSMWdERUdLZzJIaEI2Y2NFdmJEakpNOVJ4NE9XMldiREY5aGhQU1ZLblhBOVpyTUo2cDVNM1BBSkRTYTNZTDludXJ0fA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.refinery29.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1703
content-length
509
expires
0
/
b1h.zemanta.com/api/bidder/prebid/bid/ Frame E19C
0
124 B
XHR
General
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.refinery29.com
Access-Control-Allow-Credentials
true
/
ghb.adtelligent.com/v2/auction/ Frame E19C
967 B
757 B
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
9b0aa07a85cc58c818c900dc3cc824c360db91a240cbf11349a149cc5ef570bf

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 02 Jul 2021 16:03:56 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.refinery29.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
464
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E19C
264 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&eid_pubcid.org=742e14d3-4ece-4757-b90e-7d99e6dab358%5E1&rf=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&tk_flint=pbjs_lite_v4.41.0-pre&x_source.tid=f589b93e-f035-4203-bf36-9b3acf07ca61&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5624480468319655
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ff52217d99a27a2d5b606b3930f79174800fe1f79e8d83a7d0a6834f72ef6309

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:55 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.refinery29.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
264
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame E19C
25 B
373 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22108c928a8da3859%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.41.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_rexLo99v%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211e5b4c09a0331a%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2211e5b4c09a0331a%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2211e5b4c09a0331a%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22320x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f639e1a971f1b8f1739213cf4a57559afbe37c737f3c742344830f7f959fd1e5

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:56 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.100], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.refinery29.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Fri, 02 Jul 2021 16:03:56 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ Frame E19C
0
180 B
XHR
General
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:56 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bidRequest
c2shb.ssp.yahoo.com/ Frame E19C
62 B
478 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c0017474985ad89cda5ed603fd&pos=4850946&cmd=bid&secure=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
2c1994f59b9b548a1c2c91902a59635895a9769e6eda7fac131f7bb2e7ff1e3c

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.refinery29.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ Frame E19C
62 B
478 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c0017474985ad89cda5ed603fd&pos=5242527&cmd=bid&secure=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
d5d8142c2f02eda71189ac046aa11019d8ca8519ae030f6549d12c7ebf7fe991

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.refinery29.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ Frame E19C
62 B
478 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c0017474985ad89cda5ed603fd&pos=8a969435017777a74966b045e6a00410&cmd=bid&secure=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
c42c2f9a137aec026a841e1e4fe2aea76e97fbd40305f14721a6145676749305

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.refinery29.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame E19C
374 B
727 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&SafeFrame=true&CanonicalUrl=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&PublisherDomain=https%3A%2F%2Fwww.refinery29.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 Nanterre, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
e594f2d564eea7558f79bc92e84cde4ce0a7f2dd89bbff00112d9023d09ade1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.refinery29.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
143
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
374
expires
0
prebid
prebid.deepintent.com/ Frame E19C
0
228 B
XHR
General
Full URL
https://prebid.deepintent.com/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Jul 2021 16:03:55 GMT
server
a
vary
Origin
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.refinery29.com
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
translator
hbopenbid.pubmatic.com/ Frame E19C
0
62 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ghb1.adtelligent.com/v2/auction/ Frame E19C
121 B
390 B
XHR
General
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
043620585bc36b30e13dab7d9a8a85e8baa82be8897a19e4e4a269114409b8da

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.refinery29.com
Date
Fri, 02 Jul 2021 16:03:55 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
121
Content-Type
application/json; charset=UTF-8
prebid
ib.adnxs.com/ut/v3/ Frame E19C
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
fba03f80d4f80db33a4bafca980ecf3849c538988d1beedc747fa982b6850c5d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:55 GMT
X-Proxy-Origin
82.102.19.100; 82.102.19.100; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4bd1c4ed-1879-45c8-be24-8977f23306dc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.refinery29.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rtb
trends.revcontent.com/ Frame E19C
80 B
269 B
XHR
General
Full URL
https://trends.revcontent.com/rtb?apiKey=b7b594eb3a542d84f1718555eb51303d1083ca46&userId=152441
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.31.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash
c364bbd3730196adce028605e7c630389a6a2736fceb342dbaceea8b5f19e338

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:57 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
content-length
80
content-type
application/json
arj
spot-im-d.openx.net/w/1.0/ Frame E19C
172 B
357 B
XHR
General
Full URL
https://spot-im-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f589b93e-f035-4203-bf36-9b3acf07ca61%2Cf589b93e-f035-4203-bf36-9b3acf07ca61%2Cf589b93e-f035-4203-bf36-9b3acf07ca61&nocache=1625241835760&pubcid=742e14d3-4ece-4757-b90e-7d99e6dab358&schain=1.0%2C1!spotim.market%2Csp_rexLo99v%2C1%2C%2C%2C&aus=300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250&divids=div-gpt-ad-1595432533481-0%2Cdiv-gpt-ad-1595432533481-0%2Cdiv-gpt-ad-1595432533481-0&aucs=%2C%2C&auid=540934835%2C541192057%2C543856208
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
d5d2baa2ac651262e559202c0f1fc95683b64f0ba903c55219788b95e348425d

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
server
OXGW/16.210.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.refinery29.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame E19C
0
191 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.41.0-pre&cb=92639884476
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:54 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
bid
ap.lijit.com/rtb/ Frame E19C
93 B
759 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.41.0-pre
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
715896ae5970af69c2f5fb3ba95af7930a3fd9a224052e60d49bbb8711fa64cb

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 02 Jul 2021 16:03:55 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.refinery29.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
prebid
ib.adnxs.com/ut/v3/ Frame C324
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: p.ytdeliver.com
URL: https://p.ytdeliver.com/prebidlink/18810/pbm_307825_8201.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
99959ab76c3608135bf3f8d70865816747e4c9e25ac69bc1003689e358b80ba3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://p.ytdeliver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:55 GMT
X-Proxy-Origin
82.102.19.100; 82.102.19.100; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a25f84b2-6ff0-4cbd-8d68-554438d99b07
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://p.ytdeliver.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame C324
0
188 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.22&cb=67777789625
Requested by
Host: p.ytdeliver.com
URL: https://p.ytdeliver.com/prebidlink/18810/pbm_307825_8201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.ytdeliver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://p.ytdeliver.com
date
Fri, 02 Jul 2021 16:03:54 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid-request
onetag-sys.com/ Frame C324
15 B
371 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: p.ytdeliver.com
URL: https://p.ytdeliver.com/prebidlink/18810/pbm_307825_8201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.ytdeliver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://p.ytdeliver.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hb
ice.360yield.com/ Frame C324
99 B
517 B
XHR
General
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2215bf418d10fd351%22%2C%22version%22%3A%226.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.refinery29.com%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22144f0aebadcb71a%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22386768%2C%22tid%22%3A%22137835e7b8e4b2e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: p.ytdeliver.com
URL: https://p.ytdeliver.com/prebidlink/18810/pbm_307825_8201.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.99.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1ce694dab027e07c11bf9ac6eadea70d86513e62aa742deef0cb30b1eb2e6dc7

Request headers

Referer
https://p.ytdeliver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://p.ytdeliver.com
date
Fri, 02 Jul 2021 16:03:56 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
99
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C324
0
177 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: p.ytdeliver.com
URL: https://p.ytdeliver.com/prebidlink/18810/pbm_307825_8201.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.ytdeliver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://p.ytdeliver.com
date
Fri, 02 Jul 2021 16:03:55 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=HFaFt3x6VlkvbmdDR0txaFBBSU8ydGFZSlc3aVFqMlNsR2U5UVFBdm1nUCs5NzFKanM5aCthNERWdk55dE5NY3RSNG9yTWxiS2hCaU11NnZhR2VvZmJ4SERoOTZzbzNnN1dPN3ovU0pOb3UxT0U4YWlMOUdMM3oyamgvZXNJOHVRdHgwdnVpaFFwMVpVQnZ1M0FKenh4OTBjbHlLend2UEJFeUlGSndZbUhBNUozbXYyeU1VNTNOY1lDS0EzWldleXRSMWdERUdLZzJIaEI2Y2NFdmJEakpNOVJ4NE9XMldiREY5aGhQU1ZLblhBOVpyTUo2cDVNM1BBSkRTYTNZTDludXJ0fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1421
date
Fri, 02 Jul 2021 16:03:55 GMT
content-encoding
gzip
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame E19C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
86 B
521 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:55 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Cookie set csync
sync.adtelligent.com/ Frame 4E37
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YN846yknIwQuo6L8HtE.OwAA%261218
86 B
540 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YN846yknIwQuo6L8HtE.OwAA%261218
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.refinery29.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=09be72d539e6c5f8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

Server
VertaMedia 1.0
Date
Fri, 02 Jul 2021 16:03:56 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=09be72d539e6c5f8; expires=Thu, 02 Sep 2021 16:03:56 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a323546=YN846yknIwQuo6L8HtE.OwAA&1218; expires=Thu, 02 Sep 2021 16:03:56 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

Server
Apache
Content-Length
279
Content-Type
text/html; charset=iso-8859-1
Location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YN846yknIwQuo6L8HtE.OwAA%261218
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 02 Jul 2021 16:03:55 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:55 GMT
Connection
keep-alive
Set-Cookie
CMID=YN846yknIwQuo6L8HtE.OwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 16:03:55 GMT CMPS=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:55 GMT CMPRO=1218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:55 GMT CMST=YN8462DfOOsA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 16:03:55 GMT
usync.html
eus.rubiconproject.com/ Frame CE5B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.refinery29.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Jul 2021 16:03:56 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184-d
Date
Fri, 02 Jul 2021 16:03:55 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
csync
sync.adtelligent.com/ Frame E19C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=323548&extuid=3977922899535124467
86 B
530 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323548&extuid=3977922899535124467
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:55 GMT
X-Proxy-Origin
82.102.19.100; 82.102.19.100; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2ee28afd-f7e3-43e8-9b95-0e93e8dbe1c3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=323548&extuid=3977922899535124467
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/
125 KB
126 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
437a7c683780875b20ca2e73888396c8111ccbf7a6aa26f035d7c33cc57af360

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=977412-1105627

Response headers

Date
Fri, 02 Jul 2021 16:03:56 GMT
Content-Range
bytes 977412-1105627/1123676
Connection
keep-alive
Content-Length
128216
X-Served-By
cache-wdc5539-WDC
Last-Modified
Fri, 02 Jul 2021 15:29:29 GMT
Server
cloudinary
X-Timer
S1625239778.768889,VS0,VE0
ETag
"59fe4a7de90795ef4ed559b9ea48d031"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555537
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Fri, 02 Jul 2021 16:03:56 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
usync.html
eus.rubiconproject.com/ Frame EF96
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.refinery29.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KQMJ0YEQ-4-2DRZ; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCune56eVAXOxtVOpC2SrFECnVCf6RDSlnhlW1wM1rEAVOp/hQEJK/2msCb8MYvaTRc+LdQHAVOjOykUPOC/vzP1eZLc+wfUpabulIz+QSOk=; ses15=; vis15=163630^1; audit=1|0o8zzNO5o4YNsBuRkaBTY81+1ZYfrZ/aTZXxjzMnNJNVWCmYXfW8xsISPS5ref4QqQwgVNyC4dbgcRgjl6EitUxkBIWMWoVW3OlDu/ORdD8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Jul 2021 16:03:56 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Date
Fri, 02 Jul 2021 16:03:56 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cookie set usermatch
ssum.casalemedia.com/ Frame BE57
2 KB
3 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9746bb1893c00f5233ab9c6b2a2785def994591bf1a00e46957399ef0309dd13

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.refinery29.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YN846yknIwQuo6L8HtE.OwAA; CMPS=1111; CMPRO=1218; CMST=YN8462DfOOsA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|39|241|130|81|8|195
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1819
Expires
Fri, 02 Jul 2021 16:03:56 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:56 GMT
Connection
keep-alive
Set-Cookie
CMID=YN846yknIwQuo6L8HtE.OwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 16:03:56 GMT CMPS=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:56 GMT CMPRO=1218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:56 GMT CMRUM3=2d60df38ec05a0&8260df38eca8c0&5160df38ec05a0&c360df38ec05a00&e660df38ec2760&2760df38ec0b40&0860df38ec05a00&f160df38ec05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 16:03:56 GMT CMST=YN8462DfOOwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 16:03:56 GMT
sync
pixel.advertising.com/ups/58268/ Frame DA8B
0
0
Document
General
Full URL
https://pixel.advertising.com/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
APID=UP1a1e88f5-db4f-11eb-b06d-02c5fc9f2ed0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

date
Fri, 02 Jul 2021 16:03:56 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
cookiesyncendpoint
sync.aniview.com/ Frame 3FDA
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=55&key=3977922899535124467
0
215 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=55&key=3977922899535124467
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=55&key=3977922899535124467
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1625241836077-993474091252-026384-011-001895
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

date
Fri, 02 Jul 2021 16:03:56 GMT
content-length
0
set-cookie
2_C_55=3977922899535124467; Path=/; Domain=aniview.com; Expires=Sat, 03 Jul 2021 16:03:56 GMT; Secure; SameSite=None 2_C_55=3977922899535124467; Path=/; Expires=Sat, 03 Jul 2021 16:03:56 GMT; Secure; SameSite=None

Redirect headers

Server
nginx/1.17.9
Date
Fri, 02 Jul 2021 16:03:56 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=55&key=3977922899535124467
AN-X-Request-Uuid
727e59c2-b657-48ce-aa0e-1f3b023db76f
Set-Cookie
uuid2=3977922899535124467; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 30-Sep-2021 16:03:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
82.102.19.100; 82.102.19.100; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
cookiesyncendpoint
sync.aniview.com/ Frame 256D
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D2%26key%3D%24S...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=2&key=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306
0
236 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=2&key=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=2&key=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1625241836077-993474091252-026384-011-001895
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

date
Fri, 02 Jul 2021 16:03:56 GMT
content-length
0
set-cookie
2_C_2=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306; Path=/; Domain=aniview.com; Expires=Sat, 03 Jul 2021 16:03:56 GMT; Secure; SameSite=None 2_C_2=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306; Path=/; Expires=Sat, 03 Jul 2021 16:03:56 GMT; Secure; SameSite=None

Redirect headers

Server
nginx
Date
Fri, 02 Jul 2021 16:03:56 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Set-Cookie
audience=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306; expires=Sat, 02-Jul-2022 17:10:36 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=2&key=1a2c3b7c-db4f-11eb-ae3f-1d03a5b20306
X-fe
76
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0FFB
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D1%26key%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES; KADUSERCOOKIE=192EB506-0FDB-434D-843F-6C95D6ECF57F; chkChromeAb67Sec=1; DPSync3=1626393600%3A201_197_219%7C1625270400%3A174; SyncRTB3=1626393600%3A81_55_99_176_161_3_166_88_165_21_56_71_234_22_8_204_220_54_189_230_222_13_7%7C1625788800%3A2_15_67_223%7C1626480000%3A35%7C1626048000%3A63%7C1627776000%3A203; KRTBCOOKIE_1101=23040-6980360529432803473; PugT=1625241835; PUBMDCID=3; KRTBCOOKIE_409=22966-3rkDABSoVkUpFaNi2mnUXEzD; KRTBCOOKIE_153=19420-QCaufkUur3pbI6h5F3TnfBcu_ylbJP4qQyRsmIWN&KRTB&22979-QCaufkUur3pbI6h5F3TnfBcu_ylbJP4qQyRsmIWN; KRTBCOOKIE_27=16735-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&KRTB&16736-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&KRTB&23019-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e&KRTB&23114-uid:e52960df-38eb-4a00-95db-9625d3a2bf1e; KRTBCOOKIE_1074=22956-e_6a2a9a53-17eb-4f54-a151-eb0298946e7b; KRTBCOOKIE_336=5844-3541338219267285443; KRTBCOOKIE_391=22924-951408994814211034&KRTB&23263-951408994814211034; KRTBCOOKIE_377=6810-823f8fa7-c618-4b4b-97f6-a31c58acde0d&KRTB&22918-823f8fa7-c618-4b4b-97f6-a31c58acde0d&KRTB&23031-823f8fa7-c618-4b4b-97f6-a31c58acde0d; KRTBCOOKIE_57=22776-2144464562938829969; KRTBCOOKIE_80=22987-CAESEKGgwZPto8Fp7owNmgZvNPQ&KRTB&16514-CAESEKGgwZPto8Fp7owNmgZvNPQ&KRTB&23025-CAESEKGgwZPto8Fp7owNmgZvNPQ; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_22=14911-6950569829880617825; SPugT=1625229014; KRTBCOOKIE_594=17105-RX-035f00be-755e-47f0-93a2-a937e68b276a-003&KRTB&17107-RX-035f00be-755e-47f0-93a2-a937e68b276a-003; KRTBCOOKIE_218=22978-YN846wACLYcDBwBg&KRTB&23194-YN846wACLYcDBwBg&KRTB&23209-YN846wACLYcDBwBg&KRTB&23244-YN846wACLYcDBwBg; KRTBCOOKIE_466=16530-d428f45f-a10f-43a8-b785-1a168448b744
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68852
expires
Sat, 03 Jul 2021 11:11:28 GMT
date
Fri, 02 Jul 2021 16:03:56 GMT
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 50B3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D72%26pid%3D5e0e...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
0
37 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1625241836077-993474091252-026384-011-001895
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

date
Fri, 02 Jul 2021 16:03:56 GMT
content-length
0

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
content-length
0
date
Fri, 02 Jul 2021 16:03:55 GMT
server
AC1.1
vast.xml
optimized-by.rubiconproject.com/a/api/
28 B
901 B
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=17184&site_id=267122&zone_id=1323128&size_id=201&tg_c.language=en&width=400&height=300&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.50.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.refinery29.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/
28 B
902 B
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=17184&site_id=267122&zone_id=1323128&size_id=201&tg_c.language=en&width=400&height=300&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.50.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.refinery29.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame 9FE8
282 KB
89 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
14fc395ad49ae416330b86596c58cfa774d3910503b94a25c51743a35a5a6288

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:56 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uzafgk_GO4dFGROVh7LPv-FSozRh2vSB7IEzxqzK1IPQtg-KxbJ-JoseY5TTfXcgpFabV-1n8M8XtvabWbHZ9HcAh_dNg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
90379
last-modified
Wed, 23 Jun 2021 10:47:56 GMT
server
UploadServer
etag
"cddb29ba1fbe753fa70d0a2f6004ba8c"
vary
Accept-Encoding
x-goog-hash
crc32c=/c9QSQ==, md5=zdspuh++dT+nDQovYAS6jA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1624445276759644
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
90379
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 02 Jul 2021 16:08:56 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=52007&t=1625241836&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1625241836077-993474091252-026384-011-001895&cha=0.05&stagid=&stplid=&cb=71061407224&cd1=sp_rexLo99v&cd2=Desktop&cd3=reactions&cd4=11d1c77f-84ec-470a-be01-269fce580333&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f8484a8cae1e34e567bdbdf&e=request&cb=1625241836158&asid=606ad3fbab545d54873de6d4%2C5ff5a0f32840af74254bb1d3%2C5e85d2f0d23d91608a46c4b2&ofpr=5.5%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usync.js
eus.rubiconproject.com/ Frame CE5B
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ad7f5d82e23fafe6f8edb75b2568d4b145bf6a4525cbe2eeb4b30b9f0db74795

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31838
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9274
Expires
Sat, 03 Jul 2021 00:54:34 GMT
cygnus
htlb.casalemedia.com/
24 B
372 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22188502fe9a64a3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_rexLo99v%22%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221c237f864ed55%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22sid%22%3A%22400x300%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A5.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
909fb0fd4e85eea2a2cd5ad8c30347057a5e2ea28bdd5844128971c45d028ad6

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:56 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.100], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.refinery29.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
28
expires
Fri, 02 Jul 2021 16:03:56 GMT
crum
dsum-sec.casalemedia.com/ Frame BE57
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YN846yknIwQuo6L8HtE.OwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOtZTrmOQ1hMcx2jwuNj68I&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOtZTrmOQ1hMcx2jwuNj68I&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:56 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOtZTrmOQ1hMcx2jwuNj68I&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BE57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YN846yknIwQuo6L8HtE-OwAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB89Jpzt9C3A66Ldo15a39Y&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB89Jpzt9C3A66Ldo15a39Y&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:56 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB89Jpzt9C3A66Ldo15a39Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BE57
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YN846yknIwQuo6L8HtE.OwAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame BE57
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN846yknIwQuo6L8HtE-OwAABMIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN846yknIwQuo6L8HtE-OwAABMIAAAIB&dcc=t
43 B
433 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN846yknIwQuo6L8HtE-OwAABMIAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:56 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:56 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN846yknIwQuo6L8HtE-OwAABMIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame BE57
43 B
430 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.13.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:57 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BE57
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=8TUBqfQ9AK3qMAeupmdIq6Y9UP7qN1H98je49g8s
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=8TUBqfQ9AK3qMAeupmdIq6Y9UP7qN1H98je49g8s
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:56 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=8TUBqfQ9AK3qMAeupmdIq6Y9UP7qN1H98je49g8s
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BE57
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c8d2021e-6ac2-4429-a5e6-0c3a670122b3&expiration=1656777838
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c8d2021e-6ac2-4429-a5e6-0c3a670122b3&expiration=1656777838
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:58 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c8d2021e-6ac2-4429-a5e6-0c3a670122b3&expiration=1656777838
date
Fri, 02 Jul 2021 16:03:58 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame BE57
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5be9be47-291e-4f75-9c32-173e0cdb202c
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5be9be47-291e-4f75-9c32-173e0cdb202c
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:58 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5be9be47-291e-4f75-9c32-173e0cdb202c
date
Fri, 02 Jul 2021 16:03:58 GMT
server
Apache-Coyote/1.1
content-length
0
cookiesyncendpoint
sync.aniview.com/ Frame BE57
0
233 B
Image
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1625241836077-993474091252-026384-011-001895&biddername=42&key=YN846yknIwQuo6L8HtE.OwAA%261218
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625241836077-993474091252-026384-011-001895%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:56 GMT
content-length
0
multitracking
hb.spotim.market/adunit/ Frame E19C
0
209 B
XHR
General
Full URL
https://hb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/wrapper_hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.refinery29.com
Date
Fri, 02 Jul 2021 16:03:56 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
mut
ghb.adtelligent.com/adunit/ Frame C324
0
206 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.ytdeliver.com
URL: https://p.ytdeliver.com/prebidlink/18810/pbm_307825_8201.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.ytdeliver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.ytdeliver.com
Date
Fri, 02 Jul 2021 16:03:56 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
usync.js
eus.rubiconproject.com/ Frame EF96
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ad7f5d82e23fafe6f8edb75b2568d4b145bf6a4525cbe2eeb4b30b9f0db74795

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=31838
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9274
Expires
Sat, 03 Jul 2021 00:54:34 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame CE5B
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&us_privacy=1---
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8810
995 B
875 B
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: p.ytdeliver.com
URL: https://p.ytdeliver.com/prebidlink/18810/pbm_307825_8201.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://p.ytdeliver.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3977922899535124467; icu=ChgI4axaEAoYASABKAEw6_H8hgY4AUABSAEQ6_H8hgYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://p.ytdeliver.com/

Response headers

Server
nginx/1.13.10
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Sat, 02 Jul 2022 16:03:57 GMT
Date
Fri, 02 Jul 2021 16:03:57 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame FAC7
2 KB
823 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1625241836949
Requested by
Host: p.ytdeliver.com
URL: https://p.ytdeliver.com/prebidlink/18810/pbm_307825_8201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1625241836949
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://p.ytdeliver.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://p.ytdeliver.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame EF96
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
c57992b917a1c5de787b922c662fdf18
Content-Type
image/gif
async_usersync
secure.adnxs.com/ Frame 8810
0
731 B
Script
General
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:57 GMT
X-Proxy-Origin
82.102.19.100; 82.102.19.100; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
576bd5b0-44dc-4fd3-8557-aef481c5368f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 2548
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.refinery29.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 02 Jul 2021 16:03:57 GMT
Connection
keep-alive
integrator.js
adservice.google.be/adsid/ Frame E19C
107 B
165 B
Script
General
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.refinery29.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Jul 2021 16:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E19C
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.refinery29.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Jul 2021 16:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E19C
24 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3027707577561216&correlator=3934598115726668&output=ldjh&impl=fifs&eid=31061664%2C31061750%2C21064371%2C31061035%2C31061181%2C31061719&vrg=2021063001&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210702&iu_parts=39694909%2CReactions%2CReact-Refinery29&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C320x250&prev_scp=reactionsSpotId%3Dsp_rexLo99v%26source_version%3Dv17.2.1%26topSpotId%3Dsp_rexLo99v%26source%3Dreactions%26pageViewId%3D11d1c77f-84ec-470a-be01-269fce580333%26isStandaloneAdUnit%3Dtrue%26excl_cat%3DPREPOST&eri=5&cookie_enabled=1&cdm=www.refinery29.com&bc=31&abxe=1&dt=1625241837110&dlt=1625241835185&idt=205&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=250&adys=2992&adks=3760265333&ucis=wkgxwbqv8uu&ifi=1&ifk=38843023&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=www.refinery29.com&loc=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&top=www.refinery29.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x0&ga_vid=1524491145.1625241837&ga_sid=1625241837&ga_hid=514640978&ga_fc=false&fws=260&ohw=336&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ed3f20f434fc8b826736fc729a246b0defbb1d6fd93f146f291ce72e68890478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13605
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.refinery29.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6627
6 KB
3 KB
Document
General
Full URL
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 02 Jul 2021 16:03:57 GMT
expires
Sat, 02 Jul 2022 16:03:57 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 0716
1 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f50922b0c4e9921da0238ce6040397ac33b884e2eb8c618c3f18535c5ab841ab

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YN846yknIwQuo6L8HtE.OwAA; CMPS=1111; CMPRO=1218; CMST=YN8462DfOOwA; CMRUM3=2760df38ec0b40&0860df38ec05a00&f160df38ec05a0&8260df38eca8c0&5160df38ec27608TUBqfQ9AK3qMAeupmdIq6Y9UP7qN1H98je49g8s&c360df38ec05a00&e660df38ec2760&2d60df38ec2760CAESEOtZTrmOQ1hMcx2jwuNj68I
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|4|206|130|65|190|152
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1467
Expires
Fri, 02 Jul 2021 16:03:57 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:57 GMT
Connection
keep-alive
Set-Cookie
CMID=YN846yknIwQuo6L8HtE.OwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 16:03:57 GMT CMPS=1111;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:57 GMT CMPRO=1218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 16:03:57 GMT CMST=YN8462DfOO0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 16:03:57 GMT CMRUM3=f160df38ec05a0&0860df38ec05a00&4960df38ed05a0&2760df38ec0b40&e660df38ec2760&be60df38ed05a0&2e60df38ed05a0&0460df38ed05a0&8260df38eda8c0&5160df38ec27608TUBqfQ9AK3qMAeupmdIq6Y9UP7qN1H98je49g8s&c360df38ec05a00&ce60df38ed05a0&9860df38ed05a00&2d60df38ec2760CAESEOtZTrmOQ1hMcx2jwuNj68I&4160df38ed05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 16:03:57 GMT
YN846yknIwQuo6L8HtE-OwAABMIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0716
43 B
192 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YN846yknIwQuo6L8HtE-OwAABMIAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 0716
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rum
dsum-sec.casalemedia.com/ Frame 0716
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6950569829880617825
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6950569829880617825
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:57 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6950569829880617825
pragma
no-cache
date
Fri, 02 Jul 2021 16:03:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ups.analytics.yahoo.com/ups/55940/ Frame 0716
0
234 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YN846yknIwQuo6L8HtE-OwAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:58 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame 0716
43 B
430 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.13.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:57 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 0716
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1625328237&gdpr=1
43 B
315 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1625328237&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:58 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1625328237&gdpr=1
pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
getuid
ib.adnxs.com/ Frame 0716
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame 0716
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6033b807-9f32-44f9-a9d7-866259b87586
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6033b807-9f32-44f9-a9d7-866259b87586
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:57 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:57 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6033b807-9f32-44f9-a9d7-866259b87586
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0716
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YN846yknIwQuo6L8HtE.OwAA%261218
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.refinery29.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:57 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2715
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:49:12 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/
28 B
901 B
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=17184&site_id=267122&zone_id=1323128&size_id=201&tg_c.language=en&width=400&height=300&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.50.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.refinery29.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/
28 B
901 B
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=17184&site_id=267122&zone_id=1323128&size_id=201&tg_c.language=en&width=400&height=300&rp_schain=1.0,1!spotim.market,sp_rexLo99v,1,,,&gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.50.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
server
nginx/1.16.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.refinery29.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/xml
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=52007&t=1625241836&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1625241836077-993474091252-026384-011-001895&cha=0.05&stagid=&stplid=&cb=71061407224&cd1=sp_rexLo99v&cd2=Desktop&cd3=reactions&cd4=11d1c77f-84ec-470a-be01-269fce580333&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f8484a8cae1e34e567bdbdf&e=request&cb=1625241837318&asid=606ad3fbab545d54873de6d4%2C5ff5a0f32840af74254bb1d3%2C5e85d2f0d23d91608a46c4b2&ofpr=5.5%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cygnus
htlb.casalemedia.com/
24 B
372 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22430d432a444e0f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_rexLo99v%22%7D%5D%2C%22ver%22%3A%221.0%22%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225653f0500c4014%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22sid%22%3A%22400x300%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A5.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
240402e77a958d701d4efc64edd7ce0569182676b328b07603874c07a4ca4683

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.100], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.refinery29.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
28
expires
Fri, 02 Jul 2021 16:03:57 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 87C1
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156758&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 12:29:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
container.html
7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E4EE
6 KB
3 KB
Document
General
Full URL
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 02 Jul 2021 16:03:57 GMT
expires
Sat, 02 Jul 2022 16:03:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame E19C
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a9a19e56cdf55a52ccdc15ae0f7bc04cf281e9039c1f33383266fe60df71b51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:57 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625082173397852"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27722
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:57 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E19C
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021063001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17437cbb14bbf7e945e5d70666a56d564df893e57b30215c654f61cd91ce02da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Jul 2021 16:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
track
atrack.avplayer.com/
0
70 B
Image
General
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1625241837450&cid=5e6baa664ac213650365e3f9&VERSION=4.66.0&cou=DE&AV_PAGE_LOAD_UID=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&AV_CDIM4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.237.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E19C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:57 GMT
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame E4EE
232 KB
70 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:6a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f081d2381987b06fd8bfc2b2cc7300833ae12e4377174c426d7e705e7f4f0b03

Request headers

Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 15:45:30 GMT
content-encoding
br
last-modified
Fri, 02 Jul 2021 15:28:32 GMT
server
AmazonS3
age
1108
etag
W/"08106a05ae289cc78c1439652706f766"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
uxfuGbJQCtAtkk_mLUhlidE0BGC0GWai
via
1.1 f54d9ad301a95e7dcfde675e1cd5ba89.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
AMS1-C1
content-type
text/javascript
x-amz-cf-id
X3gBi_v_eP-rXwDVaY2DALxLohlqnROzAqOt8hvCBnnlSH8tsoYGZw==
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1210
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 02 Jul 2021 15:21:50 GMT
expires
Sat, 02 Jul 2022 15:21:50 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2527
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7FDB
783 B
768 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
14110e99338f4a4d46f3962d79084ad0e5c056e12d83a6614cc8f66f8de25c2f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RscaX0RqjPbpgZWC9LaWvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

expires
Fri, 02 Jul 2021 16:03:57 GMT
date
Fri, 02 Jul 2021 16:03:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-RscaX0RqjPbpgZWC9LaWvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
init
gw.geoedge.be/api/ Frame E4EE
0
104 B
XHR
General
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.200.170.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 02 Jul 2021 16:03:57 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 26E1
624 B
344 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWnb6z3N-jUKY_hzqbhxM2NUxolKcuiD1_9Cpqb5m03nlKPi5dhIx431cc2zMCRqlEMYlzWGE8FQHnzc6PtNplGGuFr89ZK5Q18EKlMIyVZRnMk515MpheBRXniZyn_YGs9tBIySPqd0-RyYnPllRU_Fl5fD1BxUQzXoNIsC-mc4hr0cUQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWnb6z3N-jUKY_hzqbhxM2NUxolKcuiD1_9Cpqb5m03nlKPi5dhIx431cc2zMCRqlEMYlzWGE8FQHnzc6PtNplGGuFr89ZK5Q18EKlMIyVZRnMk515MpheBRXniZyn_YGs9tBIySPqd0-RyYnPllRU_Fl5fD1BxUQzXoNIsC-mc4hr0cUQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUklB4TBdKXsLNaV-nSN6bNixzMTgeszLxSKIsx_0shBOkgdBheFxWYoXKWSX3g
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 02 Jul 2021 16:03:57 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame E4EE
24 KB
12 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BF3d_m_xx3BA6F9GHSEGwwjGB85Ob2coTpLu7dLKELBwgiox4Psi7VgUdYMEhExzAd8QRlzpFjGLN6ukVl-xOd_Eialx9R9T8LdFGYC953R75QzrS9dQJ9eujSWFaCjkmJY0R1AyHRcgwcI1IwVMD4IEeCjw&cry=1&dbm_d=AKAmf-DPxI2BGYCvpraLSVxjtIeei59hfLFY6G-AfHLDD2tF0GKhuG5OqbEppv_BfngSEUqZVeh0zv6F8q3uJ3c_cUmo4cWn1t9kzj7LoMglKGbrYccQhzNeSdpd4yZuCkGJTM-tqeFiZ_JEdhm11tcB_CI1auQPyRY31-UzisjdIBMFTFjPNX5sMm8TEHUo8aub3W4l8f6qkTq3QpWcZ3Ts9kDHLSXg89t5Dna3y3bNVaMmQQ7d1__T6UXCjxh0uRyk3enc7DWUrq6kdRlTEYvsxNcBckwFfy8odwQMIr5xkke5-2DU0Ychdqe27lKoez9za9w3gqGlljBfuKaiiojpYIW1oLGMneGRNdDT-tMsWKDAAEsxMgZyOqckgWrpds8jANU2TPPuwoca34zFYEQLIS1XtmEKo9FiV3An8u2D3M4XGQza2CvVoKonpvf3U_vIsLuLXn8-5v3bXTVPDGtp2WLSctqRe56oDcHgNkttpb7ScsKKi7wLWTHRmTpa0DuehwxGhF1GDqwex4e6SSfL2SBMscYC1w8r_FaTzmGCt4kYKD1kfC36hfpxVxClbTL7LJfxRVo5Qi4nPLe6I8KkmVVY9_4UEi4tW-BmT4rgci41W4YiueI4BDB_NEXSCvF5U1KHAVlRj3RtFl4knwmB4rKADp2dy_y6jpIDbguhgBvanjgsJfnDCBXTSPdPlT3GyB-fjZ6TVlLgYasEePNpZfQ7sf3xZL-vjMioYuh0PZs9czy0cnY-woPVC5RXfw-817_5AHJUOE50jsQMa8GrsXsKRmhAAlFgPfBPO6GSJ9MHZdp5IvQdkwFO8MJYUXbThwyzlHXeDdNuYmwFdtjgcpeVga7-vmtBpL1uN2GBaRCWJuWPPFI4vpE848ArWieJXN79gha9phWFIzdvImKjUO1JAFTbSGJfBx3niHsei7NOQ8YKEU-f2alUHQJWtNYbcedKOiCJbS6XeWWC8JFR3Tm38QKhu6lqq40T5x1w7nD-Z2kiV__2jwwRLsW8K_mYohfNpWe7gcwZnSE3bUnd-iJJf3d4p8swe7zYEp_QTsevgJ1Q7kkgk7IhGXLJNuq3JF95YOckbFOqreVTfmVPlkTN4x65CDa7GxpAbSj9FI1Rp7k8-APdNBrRIPpyVIBPJa-1qAsUjx_1TU2b6CnzhQ5gT96eRDGXliAYYclXV9LHcRJN-9Nq5PUUmDt-vXD0Y1zlbSqUic2LrFR4QCYQ3wtoYeFPTnCke6wrdAu7c8rPW3aEPDm-yIvORZLaT86PCfBnNPTH4J-_aFLtq-85uo1jB61lBf-1Z1MzBm81jAIITyEN9Z5SPA3LUwYNA0WlJw9R_AFeEM6gVMxrAwpdtvkTL2X6bGF90lfYrt2x6zBmg7tXpb9eXAzOt1_roXoR-b3Na2KKQsgv61p8Az-_Json2WlX-QrFnZ54HNo_0WoQOHNZM4nRj3pv35ld5oM1LlBxmvd5isUZ3oUlTyl3SDHkChG1pGBsUmsz5LPmfItA_fGjowAA4Em4fqsymHX_Axi5HA_Q7hRxHf_OZ6Y2OjZarTtT7cImmZzRkrtBaHBnnxa3yxPjN4-1WqQua9luQxlY-Hg3sCEyc0euf6Um_nMXJ1z8FzfrEtJq0vQCEDS5pZtvWFk_tIxfVaxliSrtnrrjrAeH_h7Pq1ShdOymG0zfq3-mKUu4YPDYqFE6ct1UahH3NEq3sATLAg7BCJAEkkNbkNZ6TwHNcaPoN4brFfAiu5oMSVuteofipf_j5FjYmNhNrAUFGUr9APOb1B-nH0YWJ7V_P8qPhwHkvoR7NP7yblprh6RAVp2Lo2oHmKuMkP7klYimB7iAnibJzJJxM4gdo_Z4FwYa15wNJ6gcveGwjUNNPQmot6AkeYx1WK8PF14LI6oMyUHSSjKD4VI-rJJDe49X9OMLS5ojPeo9V1dgeNGVIfTkDkwxtIdVI__nZc5eZ5XHGpEprjyufqShFM97peZzGtCR5jX3kVUr7FOsLZis0cnB0fTTH54zpXRB49-BudFFvrj7Wox98PyBhFg-u44VxCIaOAO4t_X3M63PuSxMtnHk1V5HDvzjbzurTu3syT_Nv5oEKkyQ8eXoaTELONu--oRdiHGYyreLDZe6nyP-hlie8Up-FSjBfOWfKFA5eVMCPzHej-IfhwoKjhLul1XafXm5eCaaKuj9bszS0nU7bkmtQIXg-06Qjjas9UEQegGHwIcFCsSE2eh12hcnN8Y9hpu_gCElVSByQfhR2SvCfiB-D_76EMqrrnPQyEOAabo_EJDHiil9drKBGB254S-37HnHqQZmxXXPnW8MWdPcshp6fxM1Kb6ZWzDO94JkeiZ_PEIdGWr2QRMsrypZMGjDl6PySd-ms54DmsD3G--lQyXziaOS41eoyh8DfstEq8SAYH20ojPLo57iqcAa2ZCIMjdSEwNlO96OsDDl60zrpDpbyEBfht23NOkmp5dGwxN_ZSX4gxumpndgzEOLvsq3mxMdOnq_q1SIRLYdh_qZtjHZ0mYqMTu3jZyYQcnG0mQRg4ticoUg1e599ZeRUbn4-Ve7g6ng83-Mx_uC60vrkhLyZuoyUd_RpqYF_L-sXzTaZF-uNwVlDxStUyPNCGaNqPYcOIpe0uOBuU7M83FYgpLWVPMB0-NEP3pMWiG2VRuWF2uvZWGTMTlttUiHWQl3BUILrU9ESTj5NuIy87GDQ4lVNe8dbHDDWvbhxYB6a-d0qWAvfyO94VqYdtbbDE_VXyk4PU1N8vLpG-OPHMNCuExa64rjMff4RfWjua4botDAtZMCBgG2_ZfMOp4D1eeJrd4e4MF8EvehWBY-FcQ50VZ7sNo7sB9Pyrl7ukdg1Wmmyzq-4_01fVCLsVJD9QYI6PrhpAv7fPBS1bx4p6tX9vKZ51NUb6C5VLtgLFvhLwOLXpPbJbb_N-MRmUaliIOiVdkK9vWZcG2_wEIpiaYptfOLgZ9PAfSEIpU6Myocjpyw-XsV-iifWjWvuAyylPzN-_1zZtMxXX57W5MQwiIATrhYXm4VqXUywT56kizZ9nogv7hFY6YEppCt4Xdqu1-L5-F5QqKTrL26UC2ygs6f25zpL_IZ8SUO32V5EVATqj5-C040-k-eyHI1_q17ejIyCN0_mEXfleNQrgpJR-fTKwyi2n-ctyvTV1ya5nrPPMXuEq1mRpFtx4jhLBefyvqdrh8jmitdGHpn6rCrhEZ94UUFQ1mOWFD7UqHcZArHVqI&cid=CAASEuRoezRr60xV4S2i7AVEKoJiOA&rfl=2%2Chttps%253A%252F%252Fwww.refinery29.com%242%2Chttps%253A%252F%252Fwww.refinery29.com%252F%240
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
195b2557cb235fb953c3202bed1e41bef6e7c502eb146ec0dd3868148c5682b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame E4EE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:01:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Jul 2021 16:01:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E4EE
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:57 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625082185441780"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38802
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame E4EE
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 15:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Jul 2021 15:53:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E4EE
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CnZuAUzEmAOEon1UDZARK6NDlSViM5cefgNsq6uwD8UXQ_oDyIfHvSuvxWAluTsqxr2Ee6b34Xt_V8Y-IdIHUhQfH8AYuryngxPA1w9pMfPc1mttk
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
pagead2.googlesyndication.com/bg/ Frame 1210
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 10:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
18848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13211
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 16:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Jul 2022 10:49:49 GMT
rum
dsum-sec.casalemedia.com/ Frame 26E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtZTrmOQ1hMcx2jwuNj68I&google_cver=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtZTrmOQ1hMcx2jwuNj68I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWnb6z3N-jUKY_hzqbhxM2NUxolKcuiD1_9Cpqb5m03nlKPi5dhIx431cc2zMCRqlEMYlzWGE8FQHnzc6PtNplGGuFr89ZK5Q18EKlMIyVZRnMk515MpheBRXniZyn_YGs9tBIySPqd0-RyYnPllRU_Fl5fD1BxUQzXoNIsC-mc4hr0cUQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:57 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOtZTrmOQ1hMcx2jwuNj68I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 26E1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YN846yknIwQuo6L8HtE.OwAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YN846yknIwQuo6L8HtE.OwAA&google_tc=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK8cB3f2fYsLsug-60Cg3pQ&google_cver=1&google_hm=2
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK8cB3f2fYsLsug-60Cg3pQ&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWnb6z3N-jUKY_hzqbhxM2NUxolKcuiD1_9Cpqb5m03nlKPi5dhIx431cc2zMCRqlEMYlzWGE8FQHnzc6PtNplGGuFr89ZK5Q18EKlMIyVZRnMk515MpheBRXniZyn_YGs9tBIySPqd0-RyYnPllRU_Fl5fD1BxUQzXoNIsC-mc4hr0cUQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 16:03:57 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK8cB3f2fYsLsug-60Cg3pQ&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 26E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOu2rtft1hIarpJUShS7pQU&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOu2rtft1hIarpJUShS7pQU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWnb6z3N-jUKY_hzqbhxM2NUxolKcuiD1_9Cpqb5m03nlKPi5dhIx431cc2zMCRqlEMYlzWGE8FQHnzc6PtNplGGuFr89ZK5Q18EKlMIyVZRnMk515MpheBRXniZyn_YGs9tBIySPqd0-RyYnPllRU_Fl5fD1BxUQzXoNIsC-mc4hr0cUQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:57 GMT
X-Proxy-Origin
82.102.19.100; 82.102.19.100; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
119f47be-07f1-4513-93c9-181995936dba
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOu2rtft1hIarpJUShS7pQU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 26E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk3NzkyMjg5OTUzNTEyNDQ2Nw%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk3NzkyMjg5OTUzNTEyNDQ2Nw%3D%3D&google_tc=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk3NzkyMjg5OTUzNTEyNDQ2Nw%3D%3D&google_tc=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY28mRLzAB&v=APEucNWnb6z3N-jUKY_hzqbhxM2NUxolKcuiD1_9Cpqb5m03nlKPi5dhIx431cc2zMCRqlEMYlzWGE8FQHnzc6PtNplGGuFr89ZK5Q18EKlMIyVZRnMk515MpheBRXniZyn_YGs9tBIySPqd0-RyYnPllRU_Fl5fD1BxUQzXoNIsC-mc4hr0cUQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk3NzkyMjg5OTUzNTEyNDQ2Nw%3D%3D&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame E4EE
22 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8676
x-xss-protection
0
server
cafe
etag
11618055936852703379
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Jul 2021 16:03:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E4EE
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 15:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Jul 2022 15:53:59 GMT
8udwcfe35vf5
hal9000.redintelligence.net/zone/ Frame E4EE
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/8udwcfe35vf5?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWIiB7TjfYMHoCci83gPevIOICbv6hIpX7Yut3P0J8C4QASCFzOYxYLn4x4DcAcgBCakCmx3TxmTVsz6oAwGqBNgBT9B07TXa719VoKvj7rfYCXLGG4fehLlptcUiGOlxgG3LCdKaibX9cB2CSpXFUdWp04_RR1TvPWjg4DSnpI1uMMnDJByOVdSlvJv7KDXE6bGtuxgyFRz3ySdYOZTF5Po_Aabht00ft8swYz2wFhV779yf5cY8S9shybf9PCQxJB9Lp0-oBY5TTw9tkM_orQ78VXPvSTBUTAmWppZvqEZCR0fiOUl3Vp3zu62AEcg_TRlOi2v1s02JYfC9OqU6U7ZcoS4f_3G1qT62FgJUKqJv5AF0T7Ncg4CRwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTExNDczNzE1MzA5NjM4NDSACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoezRr60xV4S2i7AVEKoJiOA%26sig%3DAOD64_3HrJckP_mrsWZBTZ-_FA371kZWUA%26client%3Dca-pub-5616046187545019%26dbm_c%3DAKAmf-DXVFnWoCYQ6gpRe9ei2BQAw2jBtvmqeD-fP-lTol348aNZB63zw_yU4izMHMBv_ZTG0hM-bQ62_V3LWMTL5yVgXGltd072LxHcCjVk8F5QngxoJGZT7WIlOxWoSjY2bxtcUlEi-WX_EQcddNYc4fjzs7w95w%26cry%3D1%26dbm_d%3DAKAmf-CxtS2q4-fKfjqnmh_DEGLwVkXFoEjGbeMMd9x-tbKrrv8w0kLzXy7TFhkcUjWQHkcL0Ti7W5_iyiqTuCISC-C212Y4Dwr6zUysFz1k_mST_qS0_vldHiyKnAH4jJ7tmNKH-37ceuVIO0exp1IUJHTklIiuLtA0mkPtQJuMLpkfRKLqVZvcXf1iSJOs2XaKqEUqCdWOMPWMyw4MhbXOr19uvytKmD7HtBVCpyG2-6fMfPMZ1EOTh1AgM40k74J9tGp4iao0-zqXLYfTCVL2xA-LhttBBX4g79ZQjDYj3RIv0UYNaXIc0Im00iQVRqRZ5dnudRF7wxn7ApAUBq1PdsSWvdpG9NBEatTahIdyxpKw2yvjSndtzKjM38DKvZjP8Gku9cAFLTfgYfzRZQmOaO28ebQqkQwIpgXXmcSJAtYbLUC2kUxfFC0_ufDLtwB3M0OiFZLN%26adurl%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
70d96ef568bd8d31143ff7812e0d302225cb5ce822da92907e5c4f8a80187dc9

Request headers

Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:58 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3925
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0C2F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 02 Jul 2021 12:22:47 GMT
expires
Sat, 02 Jul 2022 12:22:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
13270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
pagead2.googlesyndication.com/bg/ Frame 0C2F
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 20:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
69111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5744
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Jul 2022 20:52:06 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame E19C
83 KB
27 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:57 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Jul 2021 16:03:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E19C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021063001&jk=3027707577561216&bg=!EBOlE1fNAAbV4AdB1eA7ACkAdvg8WkjUNG0QcS66OTR91Sn7VDf9mV6SsRzGSgLt8wjthDJnzR4r0gIAAADoUgAAABFoAQeZAqBUtKP1zwN5PoC0TmAxweoqqkzxMvmY2o5YZrA_7IVvMBabi9BK4EHOBKBnz8LdI3AalFTZz6QzKOG9CzBtUwbGP0_QMGQEtNRtMAcOOqRQyKdTfMFl9sCAfaQdjalJLY-uhQsS79MlKjiRJrnM1FRldk-sKMcz49wKbDuFJXfO3XNxswTn9IF_wl8cvmy8XP8x-S7I_7K8qLg_gdpukZaZvlF7cV9GWbRCC5r3rNWsnEVES5AedS_pC2vBDFoo48BgXTl9DKClb2jt06vNO_up2OSexbSihIRqOLkjRBpYMIs7asxLxNHv_6rtQ8vvZ607HX_4uSORFR019zr3wJG966U0a1PeIeFksUPQCJsTjYydjms-Iyk0W3rpyV-YFQLe_ViOwgWWuAsviN1eul39TJuGFeVUWnUn1EoxeJzd_gSdxszudKXAZPmzHBWfLu7PRwlInkyzY_OeSczApFeD1ckph4GRc4Hzx6a1-oA4K0zviT3nnO-EWIptFkU58TTGSQDuRa0cjiYroNxWuG0qdqpy7f7K4Rf37k1yCSfiCbKForux-7swDMOLnaOgsOzqLYCDLCQ190moU3cGUAMzZNnepe8BBwiQYuhCVr0G4LuM4c773VK8fjuGXuH1uMkN6GgL-6PJENy2qv-ml39VsdDwjABsquvl8g9RjRCfBAFc0iGZaLM3UtAaCQkZrsedpQCVSj_-5nuc3zKWLVr23gMD35qzQsEjLGk-NKLzYao1dXcj8eSbAhob8tvH9AX5WpxuQ-sPdUDHtSqLJ_x9k2domeEcI4LAl0K4pHir66PFjPIN3FIIaePsP4foMof2n8mmClfMwyrXckUwM4GEKecsXGG32yILYbQmfEpTjkS3gP-4slHn_powK295kmg
Requested by
Host: www.refinery29.com
URL: https://www.refinery29.com/en-us/hello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C2F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVFPP7TjfYKiFIuGV7_UPxtmP2AoAAAAAOAHgBAI&bg=!f3ylfDjNAAYo4NJEKOA7ACkAdvg8WorrSkIw7o97KB6dBOQ_mAhHMXYZj6GedZzivw6CNDB-U5ncvQIAAACPUgAAAAxoAQeZAuO5b1pdyF59pZNzpkZ8yAtgXm6tJAvDgM5GH9teaihllq1_dYIoPrU5E4-yM-xKqbzJRte3Ap1CQIQjacmke7Qkg3MAcM4jT3LCPnpxbipnQKxmsSdghCJtM7EfRgTWZZW9UM_JX5-qkiVUf4re4Gm99PUgRZCTT-EidTevPZsNs25r_6q8LZ-EKjCInr4r2NzC1X14_6z1tNnKp_bQvR1wZ8Wtq0zNpU9Nmob-lkzvS6hX6XvPQmQIAjbZvlIlGMpqh30TArA__vOvYgVOfQGwMzKMaWl-WDJFQQOjav11uOnuWntswUYMd_GGl9ataQP3gu-bfhxfUDn8ovRyM5zDwOhxLaCtUYe81zM27mh-6nh2KJItRrPkQewq5T5Jf8rL3fqe58e-49BacKvVBhv6YZY-4YXdB-9PZa78k_Iwo88-HP5XFO5y3DpQYHyhzju_mGi-digvTvwL_zS611_mBTuFVoj_GdAlnr-lZCuSfpbMNohgD-2ZXEisHQk9iJ0_BJ4tarobnNnEccNK3wRvg-WKAozt8JQNkTs-hgOujExanBTxekCa4BSuRy3HKMEFACGKPUE5lRHedZB_ZZc2mYEeFNs6VuHVFJ6K-mcjdoE6My-DQpa8dtlzbY_NLf7nFl51Refr3r39GmYm30XXGvQ4I9vmkvXsQ0nyg-VYn5h8TVH4FRu_iVHx3xA5KsnBIAYYtMfp1JFjJLVBgU4qwEig7atXr28M7bkqouLltSTFJNv6_IlAIHTSsMLKL9pbThvCoCZax2VW4b5igtKiMNEhJoZDGBnDGh68iIPXdI-LVixyCziy1kPr2sINR8krUHfonfb7GUSoMvwbNhDkmDkIoTkJRM3ckD2R_IAFYtOc7Ss0YLa6x_oUKN7ZKI6XkGm2yqCyruI-rhGAZCUmFZCaZ58s9ij0I3o5kFqen1uiaGhX-TAPWCRyK2vsIsa7Ru8ToDRoN64Icu5WnNw5Mvc_
Requested by
Host: 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
URL: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 9B3F
291 B
724 B
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.refinery29.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.refinery29.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1599
set-cookie
uid=8c08d351-bfae-4993-b408-023d67522c81; expires=Sat, 02 Jul 2022 16:03:57 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Fri, 02 Jul 2021 16:03:57 GMT
content-length
321
publishertag.prebid.js
static.criteo.net/js/ld/ Frame E19C
83 KB
27 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:58 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Jul 2021 16:03:58 GMT
multitracking
hb.spotim.market/adunit/ Frame E19C
0
209 B
XHR
General
Full URL
https://hb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/wrapper_hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.refinery29.com
Date
Fri, 02 Jul 2021 16:03:57 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
v3_270443_6630.json
player.spotim.market/prebidlink/2708736/ Frame E19C
89 KB
7 KB
XHR
General
Full URL
https://player.spotim.market/prebidlink/2708736/v3_270443_6630.json?cb=www.refinery29.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/wrapper_hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
5757b5dc1d1b18999d2297d763c13f7ced7b7b8c2eaf42f383d8234585d1ffb8

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:58 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 11:03:16 GMT
server
nginx
etag
W/"60def274-16220"
content-type
application/json
access-control-allow-origin
https://www.refinery29.com
expires
Fri, 02 Jul 2021 17:03:58 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
request.php
hal900024.redintelligence.net/ Frame E4EE
Redirect Chain
  • https://hal900024.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=442dc696f4&subid=&uid=3f4ae470f3ced5d4&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900024.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=442dc696f4&subid=&uid=3f4ae470f3ced5d4&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
613 B
936 B
Script
General
Full URL
https://hal900024.redintelligence.net/request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=442dc696f4&subid=&uid=3f4ae470f3ced5d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWIiB7TjfYMHoCci83gPevIOICbv6hIpX7Yut3P0J8C4QASCFzOYxYLn4x4DcAcgBCakCmx3TxmTVsz6oAwGqBNgBT9B07TXa719VoKvj7rfYCXLGG4fehLlptcUiGOlxgG3LCdKaibX9cB2CSpXFUdWp04_RR1TvPWjg4DSnpI1uMMnDJByOVdSlvJv7KDXE6bGtuxgyFRz3ySdYOZTF5Po_Aabht00ft8swYz2wFhV779yf5cY8S9shybf9PCQxJB9Lp0-oBY5TTw9tkM_orQ78VXPvSTBUTAmWppZvqEZCR0fiOUl3Vp3zu62AEcg_TRlOi2v1s02JYfC9OqU6U7ZcoS4f_3G1qT62FgJUKqJv5AF0T7Ncg4CRwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTExNDczNzE1MzA5NjM4NDSACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoezRr60xV4S2i7AVEKoJiOA%26sig%3DAOD64_3HrJckP_mrsWZBTZ-_FA371kZWUA%26client%3Dca-pub-5616046187545019%26dbm_c%3DAKAmf-DXVFnWoCYQ6gpRe9ei2BQAw2jBtvmqeD-fP-lTol348aNZB63zw_yU4izMHMBv_ZTG0hM-bQ62_V3LWMTL5yVgXGltd072LxHcCjVk8F5QngxoJGZT7WIlOxWoSjY2bxtcUlEi-WX_EQcddNYc4fjzs7w95w%26cry%3D1%26dbm_d%3DAKAmf-CxtS2q4-fKfjqnmh_DEGLwVkXFoEjGbeMMd9x-tbKrrv8w0kLzXy7TFhkcUjWQHkcL0Ti7W5_iyiqTuCISC-C212Y4Dwr6zUysFz1k_mST_qS0_vldHiyKnAH4jJ7tmNKH-37ceuVIO0exp1IUJHTklIiuLtA0mkPtQJuMLpkfRKLqVZvcXf1iSJOs2XaKqEUqCdWOMPWMyw4MhbXOr19uvytKmD7HtBVCpyG2-6fMfPMZ1EOTh1AgM40k74J9tGp4iao0-zqXLYfTCVL2xA-LhttBBX4g79ZQjDYj3RIv0UYNaXIc0Im00iQVRqRZ5dnudRF7wxn7ApAUBq1PdsSWvdpG9NBEatTahIdyxpKw2yvjSndtzKjM38DKvZjP8Gku9cAFLTfgYfzRZQmOaO28ebQqkQwIpgXXmcSJAtYbLUC2kUxfFC0_ufDLtwB3M0OiFZLN%26adurl%3D&documentReferer=https%3A%2F%2Fwww.refinery29.com%2F&ancestorOrigins=https%3A%2F%2Fwww.refinery29.com%2Chttps%3A%2F%2Fwww.refinery29.com&random=5824645767016&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
URL: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
645ea3f3d0b5a84fb7834cf7ddd7152d4204cdfbed508fba54fa92a7d866b6c0

Request headers

Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:58 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
97609800117603000628852011643024
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
330
Expires
Fri, 02 Jul 2021 17:03:58 +0200

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 16:03:58 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=8udwcfe35vf5&nw=20&renderingType=javascript&namespace=442dc696f4&subid=&uid=3f4ae470f3ced5d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWIiB7TjfYMHoCci83gPevIOICbv6hIpX7Yut3P0J8C4QASCFzOYxYLn4x4DcAcgBCakCmx3TxmTVsz6oAwGqBNgBT9B07TXa719VoKvj7rfYCXLGG4fehLlptcUiGOlxgG3LCdKaibX9cB2CSpXFUdWp04_RR1TvPWjg4DSnpI1uMMnDJByOVdSlvJv7KDXE6bGtuxgyFRz3ySdYOZTF5Po_Aabht00ft8swYz2wFhV779yf5cY8S9shybf9PCQxJB9Lp0-oBY5TTw9tkM_orQ78VXPvSTBUTAmWppZvqEZCR0fiOUl3Vp3zu62AEcg_TRlOi2v1s02JYfC9OqU6U7ZcoS4f_3G1qT62FgJUKqJv5AF0T7Ncg4CRwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTExNDczNzE1MzA5NjM4NDSACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoezRr60xV4S2i7AVEKoJiOA%26sig%3DAOD64_3HrJckP_mrsWZBTZ-_FA371kZWUA%26client%3Dca-pub-5616046187545019%26dbm_c%3DAKAmf-DXVFnWoCYQ6gpRe9ei2BQAw2jBtvmqeD-fP-lTol348aNZB63zw_yU4izMHMBv_ZTG0hM-bQ62_V3LWMTL5yVgXGltd072LxHcCjVk8F5QngxoJGZT7WIlOxWoSjY2bxtcUlEi-WX_EQcddNYc4fjzs7w95w%26cry%3D1%26dbm_d%3DAKAmf-CxtS2q4-fKfjqnmh_DEGLwVkXFoEjGbeMMd9x-tbKrrv8w0kLzXy7TFhkcUjWQHkcL0Ti7W5_iyiqTuCISC-C212Y4Dwr6zUysFz1k_mST_qS0_vldHiyKnAH4jJ7tmNKH-37ceuVIO0exp1IUJHTklIiuLtA0mkPtQJuMLpkfRKLqVZvcXf1iSJOs2XaKqEUqCdWOMPWMyw4MhbXOr19uvytKmD7HtBVCpyG2-6fMfPMZ1EOTh1AgM40k74J9tGp4iao0-zqXLYfTCVL2xA-LhttBBX4g79ZQjDYj3RIv0UYNaXIc0Im00iQVRqRZ5dnudRF7wxn7ApAUBq1PdsSWvdpG9NBEatTahIdyxpKw2yvjSndtzKjM38DKvZjP8Gku9cAFLTfgYfzRZQmOaO28ebQqkQwIpgXXmcSJAtYbLUC2kUxfFC0_ufDLtwB3M0OiFZLN%26adurl%3D&documentReferer=https%3A%2F%2Fwww.refinery29.com%2F&ancestorOrigins=https%3A%2F%2Fwww.refinery29.com%2Chttps%3A%2F%2Fwww.refinery29.com&random=5824645767016&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Fri, 02 Jul 2021 17:03:58 +0200
track
track1.aniview.com/
0
93 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=28523&t=1625241827&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=320&he=181&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=4&aafaid=&proto=https&uid=1625241827876-980440603252-006976-004-007468&cha=0.05&stagid=&stplid=&cb=35508022667&cd6=100&cd7=main&cd1=4.66.0&cd4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&cd5=default&d9=1000&AV_WIDTH=320&AV_HEIGHT=181
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Jul 2021 16:03:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
request_content.php
hal900024.redintelligence.net/ Frame 8B36
4 KB
2 KB
Document
General
Full URL
https://hal900024.redintelligence.net/request_content.php?s=97609800117603000628852011643024&a=b151b68f
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3ea87d8ad4e47054cb34576d94196bf11313a7f705a6b38eb13807de2a02433d

Request headers

Host
hal900024.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=6a2da99f384225c1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/

Response headers

Date
Fri, 02 Jul 2021 16:03:59 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Fri, 02 Jul 2021 17:03:59 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1425
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6B41
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
URL: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 02 Jul 2021 08:59:18 GMT
expires
Sat, 03 Jul 2021 08:59:18 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
25480
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E4EE
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
579662a37887b9d38fdb80d1f6aba9dd2ad1f830d2906cc372d593a9c0dd86da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6B41
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGV6WZvy7rDQGHRY3ciQ4Cg&google_cver=1&google_push=AYg5qPIwjYXypmvQB2l2-WgoVxdIftSg0F3go8obZj74kSb5hMc6zSev5Xu21lJwNWkEbOVWFGwX0f5kBxHFzW9S91NnQgGMD5U
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkyNjkyNzAzMTM0ODU1MDQ5Nw==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELhxREj_lqrnXJChU-tK_nk&google_cver=1
43 B
407 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELhxREj_lqrnXJChU-tK_nk&google_cver=1
Requested by
Host: 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
URL: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELhxREj_lqrnXJChU-tK_nk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6B41
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOng4IFzXnSx7nQrQzxAqg&google_push=AYg5qPK36inmZsFEQT1zIa-SM5gPkCLh6gpdhtHeJgExoYxc517sBERmch...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOng4IFzXnSx7nQrQzxAqg&google_push=AYg5qPK36inmZsFEQT1zIa-SM5gPkCLh6gpdhtHeJgExoYxc517sBERmchP16SmOzZQBZINP9o4KpH8ar20Jtyc8qDzpZjALoiA
Requested by
Host: 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
URL: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:59 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1625241839.056206,VS0,VE93
x-served-by
cache-fra19146-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOng4IFzXnSx7nQrQzxAqg&google_push=AYg5qPK36inmZsFEQT1zIa-SM5gPkCLh6gpdhtHeJgExoYxc517sBERmchP16SmOzZQBZINP9o4KpH8ar20Jtyc8qDzpZjALoiA
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 6B41
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOUBNC_pW280qVAEU2AAH1c&google_cver=1&google_push=AYg5qPL1nDKUfyN0BgmTTt1smcNYmsMuwU8nxG9NCpFk5c-6NDPoQFfH74j7322pH0Yi-F6ukd3zqe0ppNMvdyB4e774r_Mh8iMi
Requested by
Host: 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
URL: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6B41
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEHsyzm7m7ONnt2gD-ORaXWM&google_cver=1&google_push=AYg5qPKj8PLmstVpSGQX37o46m3Fg7CMlWFm8aEVvGbz7jVVjcj5ISmtFxLfQ_dgpPyib9awLxW...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEHsyzm7m7ONnt2gD-ORaXWM&google_cver=1&google_push=AYg5qPKj8PLmstVpSGQX37o46m3Fg7CMlWFm8aEVvGbz7jVVjcj5ISmtFxLfQ_dgpPyib9awLxW...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=MxaimmxQS3ud2C_CEClihg&gdpr=1&gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=MxaimmxQS3ud2C_CEClihg&gdpr=1&gdpr_consent=
Requested by
Host: 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
URL: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:59 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=MxaimmxQS3ud2C_CEClihg&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame 6B41
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENGN72KQuVTqaIKRwgJM5h0&google_cver=1&google_push=AYg5qPIPw3O1A1BwdopdsoUMLPasdbkXQ99iRl0eQlTGvBhdLaPz2bfjL4Dk3eOde3VqGnjl97HIX5ZbyeTdKubIcTSv...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENGN72KQuVTqaIKRwgJM5h0&google_cver=1&google_push=AYg5qPIPw3O1A1BwdopdsoUMLPasdbkXQ99iRl0eQlTGvBhdLaPz2bfjL4Dk3eOde3VqGnjl97HIX5ZbyeTdKu...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPw3O1A1BwdopdsoUMLPasdbkXQ99iRl0eQlTGvBhdLaPz2bfjL4Dk3eOde3VqGnjl97HIX5ZbyeTdKubIcTSvAGKLB_za&google_hm=60lHirY6R92IceKIPqw7Qg==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPw3O1A1BwdopdsoUMLPasdbkXQ99iRl0eQlTGvBhdLaPz2bfjL4Dk3eOde3VqGnjl97HIX5ZbyeTdKubIcTSvAGKLB_za&google_hm=60lHirY6R92IceKIPqw7Qg==
Requested by
Host: 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
URL: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPw3O1A1BwdopdsoUMLPasdbkXQ99iRl0eQlTGvBhdLaPz2bfjL4Dk3eOde3VqGnjl97HIX5ZbyeTdKubIcTSvAGKLB_za&google_hm=60lHirY6R92IceKIPqw7Qg==
date
Fri, 02 Jul 2021 16:03:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
gg_pixel
sync.adaptv.advertising.com/ Frame 6B41
0
0

pixel
cm.g.doubleclick.net/ Frame 6B41
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMO0O2tNNhilxXiUQA5cQwc&google_cver=1&google_push=AYg5qPKCBTbcGrVW94aExVXESn6mmGLJ_ElrP0CsDoDjAwMhjeN2NuUOps-ejccbiWlhbKG8p6VcH4fLqmZR0GD3...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKCBTbcGrVW94aExVXESn6mmGLJ_ElrP0CsDoDjAwMhjeN2NuUOps-ejccbiWlhbKG8p6VcH4fLqmZR0GD3oNAWAMBsYOc
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKCBTbcGrVW94aExVXESn6mmGLJ_ElrP0CsDoDjAwMhjeN2NuUOps-ejccbiWlhbKG8p6VcH4fLqmZR0GD3oNAWAMBsYOc
Requested by
Host: 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
URL: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 02 Jul 2021 16:03:59 GMT
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKCBTbcGrVW94aExVXESn6mmGLJ_ElrP0CsDoDjAwMhjeN2NuUOps-ejccbiWlhbKG8p6VcH4fLqmZR0GD3oNAWAMBsYOc
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ETNbO-oyyqwdKGbBM_mqC8Arf0sTNluBV07Xv1FM_qOndLEtlfp8ew==
attr
cm.g.doubleclick.net/pixel/ Frame 6B41
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3zqGNPTrPmkjFocZoCMtWXawurdorjYLVixtN7c1r-vhahprOCip8YQiPiwD3z8zgcbgN
Requested by
Host: 7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
URL: https://7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
office-be-336.jpg
cdn.contentspread.net/24i/advertiser/33027/creativesup/ Frame 8B36
44 KB
44 KB
Image
General
Full URL
https://cdn.contentspread.net/24i/advertiser/33027/creativesup/office-be-336.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=97609800117603000628852011643024&a=b151b68f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.21.70.99.88.clients.your-server.de
Software
nginx /
Resource Hash
b4857233da2154c00b47698c6f1981544c0a714e6dec16f404d6aa477e1cf3cb

Request headers

Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:59 GMT
Last-Modified
Mon, 04 Jul 2016 10:01:04 GMT
Server
nginx
ETag
"577a33e0-afe3"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
45027
viewability
hal900024.redintelligence.net/ Frame 8B36
0
150 B
Script
General
Full URL
https://hal900024.redintelligence.net/viewability?s=97609800117603000628852011643024&a=9cb144f5&vb=m
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=97609800117603000628852011643024&a=b151b68f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900024.redintelligence.net/request_content.php?s=97609800117603000628852011643024&a=b151b68f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 16:03:59 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 8B36
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/
168 B
382 B
XHR
General
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&w=320&h=181&cbb=5241839124
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:03:59 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://www.refinery29.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=28523&t=1625241827&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=320&he=181&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=4&aafaid=&proto=https&uid=1625241827876-980440603252-006976-004-007468&cha=0.05&stagid=&stplid=&cb=35508022667&cd6=100&cd7=main&cd1=4.66.0&cd4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&cd5=default&d9=1000&AV_WIDTH=320&AV_HEIGHT=181&nid=56ea678d181f46c76f8b45fb&ncid=5e6baa664ac213650365e3f9&e=request&cb=1625241839124&asid=5fcde7149ee69a0eff338914%2C5ee3d57071193a26344a4076%2C603dfaa0b211d83d29732b44%2C5fbe5d4370a94c4b696b7ccc%2C5e1b272e28a06142643c20cd%2C5fc8b1c9ba2b560f616098b8%2C5fbe5add3443ef680f0480d7&ofpr=4%2C%2C3%2C2.8%2C2.5%2C2%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
305916
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/305916?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 02 Jul 2021 16:03:59 GMT
X-SpotX-Timing-Transform
0.000289
X-SpotX-Timing-SpotMarket
0.005451
X-SpotX-Timing-Page-Mux
0.000961
X-SpotX-Timing-Page-Require
0.000294
X-fe
092
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000028
X-SpotX-Timing-Page
0.010550
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000378
Last-Modified
Fri, 02 Jul 2021 16:03:59 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005451
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.refinery29.com
X-SpotX-Timing-Page-Misc
0.003138
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mvo
tag.1rx.io/rmp/227469/0/
0
174 B
XHR
General
Full URL
https://tag.1rx.io/rmp/227469/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
pragma
no-cache
date
Fri, 02 Jul 2021 16:03:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/203144/0/
0
174 B
XHR
General
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
pragma
no-cache
date
Fri, 02 Jul 2021 16:03:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/216551/0/
0
0

translator
hbopenbid.pubmatic.com/
0
62 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
date
Fri, 02 Jul 2021 16:03:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=28523&t=1625241827&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=320&he=181&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=4&aafaid=&proto=https&uid=1625241827876-980440603252-006976-004-007468&cha=0.05&stagid=&stplid=&cb=35508022667&cd6=100&cd7=main&cd1=4.66.0&cd4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&cd5=default&d9=1000&AV_WIDTH=320&AV_HEIGHT=181&nid=56ea678d181f46c76f8b45fb&ncid=5e6baa664ac213650365e3f9&e=bid&cb=1625241839252&asid=5ee3d57071193a26344a4076&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame BDA3
339 KB
116 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118860
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:59 GMT
bridge3.470.1_en.html
imasdk.googleapis.com/js/core/ Frame DF51
576 KB
189 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.470.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refinery29.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.refinery29.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193313
date
Tue, 29 Jun 2021 16:15:51 GMT
expires
Wed, 29 Jun 2022 16:15:51 GMT
last-modified
Tue, 29 Jun 2021 16:12:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
258488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame BDA3
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:03:59 GMT
integrator.js
adservice.google.com/adsid/ Frame BDA3
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.refinery29.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Jul 2021 16:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D0EF
36 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 15:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 02 Jul 2021 16:09:58 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DF51
156 B
185 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4408904184613367&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=3272231947&sdk_apis=2%2C8&sid=F5B4597A-A70B-4697-A87E-93CBC29A07DF&url=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&dt=1625241839450&cookie_enabled=1&scor=823546051893823&ged=ve4_td0_tt0_pd0_la0_er167.1030.321.1330_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/
18 KB
18 KB
XHR
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
dedbd0552d1e2e6046eefbc3e207dba9e630161ceaf1c717204a8f0ef3e5a628

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1105628-1123675

Response headers

Date
Fri, 02 Jul 2021 16:04:00 GMT
Content-Range
bytes 1105628-1123675/1123676
Connection
keep-alive
Content-Length
18048
X-Served-By
cache-wdc5539-WDC
Last-Modified
Fri, 02 Jul 2021 15:29:29 GMT
Server
cloudinary
X-Timer
S1625239778.768889,VS0,VE0
ETag
"59fe4a7de90795ef4ed559b9ea48d031"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31555533
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/ Frame
0
0
Preflight
General
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1625239755/landscapea5782190-eb52-4b70-bb3b-8672f657282b_1625239301474.ts
Protocol
HTTP/1.1
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.refinery29.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Fri, 02 Jul 2021 16:04:00 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
692.json
id5-sync.com/g/v2/ Frame E19C
213 B
536 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.110 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1a3222b50ed6ed13d597edf2e860cf5a3da0af68a68937d30c7c251a4ba5fdf0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.refinery29.com
Date
Fri, 02 Jul 2021 16:04:01 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame E19C
0
46 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1432
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Jul 2021 16:04:00 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.refinery29.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ Frame E19C
109 B
545 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
2f1243de8a2fa46400142a7f450cbd82e2df74390a1c0abd9ba54fa0c20a0fea

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Jul 2021 16:04:00 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.refinery29.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 01 Aug 2021 16:04:00 GMT
track
track1.aniview.com/
0
93 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=52007&t=1625241836&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&aafaid=&proto=https&uid=1625241836077-993474091252-026384-011-001895&cha=0.05&stagid=&stplid=&cb=71061407224&cd1=sp_rexLo99v&cd2=Desktop&cd3=reactions&cd4=11d1c77f-84ec-470a-be01-269fce580333&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Jul 2021 16:04:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
log
firebaselogging.googleapis.com/v0cc/
475 B
1 KB
Fetch
General
Full URL
https://firebaselogging.googleapis.com/v0cc/log?format=json_proto
Requested by
Host: vice-web-statics-cdn.vice.com
URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
5eebf16fec164a6ac54a1cec49c23fbb752042aabf1be2722575a712946856af
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 02 Jul 2021 16:04:02 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://www.refinery29.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
286
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:04:02 GMT
pixels
pix.spot.im/api/v1/
0
0
Ping
General
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rexLo99v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.165 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

track
track1.aniview.com/
0
93 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=28523&t=1625241827&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=320&he=181&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=4&aafaid=&proto=https&uid=1625241827876-980440603252-006976-004-007468&cha=0.05&stagid=&stplid=&cb=35508022667&cd6=100&cd7=main&cd1=4.66.0&cd4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&cd5=default&d9=1000&AV_WIDTH=320&AV_HEIGHT=181
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Jul 2021 16:04:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/
168 B
382 B
XHR
General
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon&w=320&h=181&cbb=5241844703
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:04:04 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://www.refinery29.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.refinery29.com&rs=www.refinery29.com&sid=28523&t=1625241827&cip=82.102.19.100&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=320&he=181&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=4&aafaid=&proto=https&uid=1625241827876-980440603252-006976-004-007468&cha=0.05&stagid=&stplid=&cb=35508022667&cd6=100&cd7=main&cd1=4.66.0&cd4=6ae96952-34a8-4d89-a3b3-93ee4ab00d7b&cd5=default&d9=1000&AV_WIDTH=320&AV_HEIGHT=181&nid=56ea678d181f46c76f8b45fb&ncid=5e6baa664ac213650365e3f9&e=request&cb=1625241844703&asid=5ddfcaee28a06109914a6e5c%2C5fbe5d4370a94c4b696b7ccc%2C5e1b272e28a06142643c20cd%2C5fbe5add3443ef680f0480d7&ofpr=2%2C2.8%2C2.5%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 16:04:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/216551/0/
0
174 B
XHR
General
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
pragma
no-cache
date
Fri, 02 Jul 2021 16:04:04 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/203144/0/
0
174 B
XHR
General
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.refinery29.com
pragma
no-cache
date
Fri, 02 Jul 2021 16:04:04 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/
25 B
373 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=373648&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2241aa8856adf416e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.refinery29.com%2Fen-us%2Fhello-kitty-creator-introduces-fashion-forward-pup-rebecca-bonbon%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22sid%22%3A%220012000001GwdDpAAJ%22%2C%22rid%22%3A%223fff269220f71b8309ee8bbcd878fd3c_172315322%22%2C%22domain%22%3A%22refinery29.com%22%2C%22hp%22%3A1%2C%22name%22%3A%22Refinery%2029%22%2C%22asi%22%3A%22playbuzz.com%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22424548508eed952%22%2C%22ext%22%3A%7B%22siteID%22%3A%22373648%22%2C%22sid%22%3A%22320x181%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A320%2C%22h%22%3A181%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4b26332c85d19bca235c5b44dc0b161232a5082945fd624df3f1045fadc487b

Request headers

Referer
https://www.refinery29.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 16:04:04 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.100], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.refinery29.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Fri, 02 Jul 2021 16:04:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.refinery29.com
URL
https://www.refinery29.com/bin/entry/1ca/x/60188/rebecca-bonbon.jpg
Domain
sync.adaptv.advertising.com
URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEJhOMwVji2Tc_Unc5zFap3Q&google_cver=1&google_push=AYg5qPIfnieNGvjZgbCUTbK83e1t7Q5NUEajaQpEUW3NZ_yi-fEfhdbyWBtEcNcoYcwc2nhgZ0hkPEUVBZuedrdlrPmyQIgQNtJ_
Domain
tag.1rx.io
URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=4.42.1,2.1

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| loadAdLib object| _cc5283 object| LOTCC string| __SENTRY_ADDRESS__ object| webpackJsonp number| adBundleLoadTime object| regeneratorRuntime object| __AdLib object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill function| globalSkimlinksDataCallback object| Raven object| __dateFnsLocales__ function| ga object| _dataLayer object| _sf_async_config object| _cbq number| _sf_endpt object| _comscore function| twq object| dataLayerMetadata object| ccauds function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| CookieConsent object| CookieControl object| Cookiebot object| SPOTIM object| CookiebotDialog object| CookieConsentDialog object| cookieTable object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| pbStream string| pbPageIdentifier object| __EXCO object| googletag function| Hls object| ggeac object| google_js_reporting_queue function| av_sciv_hndlr1625241827590 object| storageAni object| gs_channels function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| headertag function| headertag_render object| rubicontag object| pbjs number| google_global_correlator object| closure_lm_691818 object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| __OW_CONFIG__ object| webpackChunk_spotim_launcher string| OW_AD_UNIT_TYPE object| __OPEN_WEB__ string| __SPOTIM_PAGE_VIEW_ID__ object| __SPOTIM__ object| webpackChunkads object| process boolean| __OW_STANDALONE_SCRIPT_RUN__ object| __OW_ASYNC_CALL_POST_IDS__ string| $$SPOTIM_VID$$ string| $$SPOTIM_BID$$ object| style string| article_link string| hot_fix_article function| owActionQueue object| __OW_AD_OPS_CONFIG__ function| __SPOTIM_DISABLE_ADS__ function| avPlayer object| closure_lm_521547

42 Cookies

Domain/Path Name / Value
.tapad.com/ Name: TapAd_TS
Value: 1625241832100
.taboola.com/ Name: t_gid
Value: 8eee6314-8b97-4315-a65a-4044c0daa0bf-tuct7d8be65
.tribalfusion.com/ Name: ANON_ID
Value: aNnseFyg6AarA7u8QGkNn3AbZa7H13sFugsOUy0hUo3ZbnQF1HYPLGCKtM0i84AopAw2yRQn5l4V4BECucbRAS
.adform.net/ Name: uid
Value: 998037746419238237
.bidr.io/ Name: bitoIsSecure
Value: ok
.openx.net/ Name: pd
Value: v2|1625241828|gekin0vNiygu
.openx.net/ Name: i
Value: 36695aa7-aa0c-050b-0039-cb7a4e33be5b|1625241828
.casalemedia.com/ Name: CMRUM3
Value: 2760df38e40b40&f160df38e405a0&e660df38e42760&9860df38e52760c208d805-7134-479b-b72c-4f52cb6d4eae&0360df38e5276090f160df-38e4-4800-8383-96241e455d63&4060df38e52760no-consent&bf60df38e405a0&2d60df38e405a0
.casalemedia.com/ Name: CMST
Value: YN845GDfOOUA
.casalemedia.com/ Name: CMPS
Value: 1111
.casalemedia.com/ Name: CMID
Value: YN845Dy1BloOg1PpevnF9wAA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-vuYO9089TbdDAFR-6Y7PdVJmE2Q
.pubmatic.com/ Name: PugT
Value: 1625241832
.tapad.com/ Name: TapAd_DID
Value: 50ebfd1e-eec1-419f-b6c8-125c4b21ccb0
.pubmatic.com/ Name: DPSync3
Value: 1626393600%3A226_227_219_201_197_221%7C1627776000%3A232%7C1625270400%3A174
.casalemedia.com/ Name: CMPRO
Value: 1133
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2490000750454604952
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4090915419576464172
.pubmatic.com/ Name: KADUSERCOOKIE
Value: AB681BA2-B447-4ADE-9FB3-EEBC59EAC68F
.ads.pubmatic.com/ Name: repi
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: SyncRTB3
Value: 1630368000%3A69%7C1627776000%3A203%7C1625788800%3A223_67_15_2%7C1626393600%3A104_99_54_165_55_161_8_220_230_21_204_5_3_234_231_78_166_81_13_56_222_233_189_7_22_88_71_176_57%7C1626048000%3A63%7C1626480000%3A35
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-609b6d99-0e04-46af-8309-54e882fc4e08
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-1872ad88-db4f-11eb-ac00-09df6ac257b8&KRTB&23011-1872ad88-db4f-11eb-ac00-09df6ac257b8
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1354727252458488337&KRTB&23263-1354727252458488337
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_a2b022ee-fe94-4465-8fd8-70dd676595c5
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YN845gACLYuSTQBg&KRTB&23194-YN845gACLYuSTQBg&KRTB&23209-YN845gACLYuSTQBg&KRTB&23244-YN845gACLYuSTQBg
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&16736-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&23019-uid:90f160df-38e4-4800-8383-96241e455d63&KRTB&23114-uid:90f160df-38e4-4800-8383-96241e455d63
.pubmatic.com/ Name: SPugT
Value: 1625228942
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4573237674140556129
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&16514-CAESEOmnp8f3cZjEZrwz0H6pzI0&KRTB&23025-CAESEOmnp8f3cZjEZrwz0H6pzI0
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-59f9e458-333f-4515-97d2-b47fd0fdc293&KRTB&22918-59f9e458-333f-4515-97d2-b47fd0fdc293&KRTB&23031-59f9e458-333f-4515-97d2-b47fd0fdc293
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6980360503650482321
.bidr.io/ Name: bito
Value: AABFJk7BvnIAADYeNxIrPA
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003&KRTB&17107-RX-948ba217-f4ad-4c93-bf1a-225c1e5e8709-003
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv&KRTB&22979-WMN0qF3LdfpDliH5CsE9rQ_HJ_dDxHSsDcXJfGRv
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:DIPHcvFK1LZlDW5
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-3rkDABSoVkUpFaNi2mnUXEzD

16 Console Messages

Source Level URL
Text
console-api log URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js(Line 7)
Message:
%cERROR: Browser does not support localStorage. TypeError: Cannot read property 'setItem' of null (18:03:46:775) color:#f44141;font-weight:bold
console-api log URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js(Line 7)
Message:
console.trace
console-api log URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js(Line 7)
Message:
%cERROR: Browser does not support localStorage. TypeError: Cannot read property 'setItem' of null (18:03:46:790) color:#f44141;font-weight:bold
console-api log URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js(Line 7)
Message:
console.trace
console-api log URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js(Line 7)
Message:
%cERROR: Browser does not support localStorage. TypeError: Cannot read property 'setItem' of null (18:03:46:790) color:#f44141;font-weight:bold
console-api log URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js(Line 7)
Message:
console.trace
console-api log URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js(Line 7)
Message:
%cERROR: Browser does not support localStorage. TypeError: Cannot read property 'setItem' of null (18:03:46:864) color:#f44141;font-weight:bold
console-api log URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js(Line 7)
Message:
console.trace
console-api log URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js(Line 7)
Message:
%cERROR: Browser does not support localStorage. TypeError: Cannot read property 'setItem' of null (18:03:46:864) color:#f44141;font-weight:bold
console-api log URL: https://vice-web-statics-cdn.vice.com/vendor/ad-lib/v2.30.0/vice-ad-lib.js(Line 7)
Message:
console.trace
console-api warning URL: https://www.refinery29.com/assets/vendor.ef10d385d2de89999e23.js(Line 11)
Message:
loadable: `loadableReady()` requires state, please use `getScriptTags` or `getScriptElements` server-side
console-api info URL: https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c(Line 6)
Message:
[exco-log] - 7/2/2021, 6:03:47 PM: logger - enabled
console-api warning URL: https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c(Line 6)
Message:
[exco-log] - 7/2/2021, 6:03:47 PM: absoluteUrls targeting was not met
console-api warning URL: https://player.ex.co/player/ecbe91fe-1e87-40e3-99b1-49179fd6673c(Line 6)
Message:
[exco-log] - 7/2/2021, 6:03:47 PM: queryParams targeting was not met
console-api log URL: https://launcher.spot.im/spot/sp_rexLo99v(Line 4)
Message:
[OpenWeb Launcher] v2.56.3
console-api warning URL: https://player.spotim.market/prebidlink/451456/hb_270443_6630.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7ed9c389cdd56474fe4bb76877f12958.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
ad.crwdcntrl.net
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
adservice.google.be
adservice.google.com
ap.lijit.com
api-2-0.spot.im
api.rlcdn.com
atrack.avplayer.com
aud.pubmatic.com
b1h.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.contentspread.net
cdn.playbuzz.com
cm.adgrx.com
cm.g.doubleclick.net
consent.cookiebot.com
csync.loopme.me
d.adroll.com
d5i9o0tpq9sa1.cloudfront.net
d5p.de17a.com
di.rlcdn.com
direct-events-collector.spot.im
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
events-collector.spot.im
fastlane.rubiconproject.com
firebaseinstallations.googleapis.com
firebaselogging.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb1.adtelligent.com
go1.aniview.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
gw.geoedge.be
hal9000.redintelligence.net
hal900024.redintelligence.net
hb-api.omnitagjs.com
hb.spotim.market
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
js-sec.indexww.com
launcher.spot.im
loada.exelator.com
loadm.exelator.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mcd.ex.co
mcdp-chidc2.outbrain.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
odb.outbrain.com
onetag-sys.com
optimized-by.rubiconproject.com
p.ytdeliver.com
pagead2.googlesyndication.com
pix.spot.im
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
playbuzzltd-d.openx.net
player.adtelligent.com
player.aniview.com
player.avplayer.com
player.ex.co
player.spotim.market
pm.w55c.net
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-eu.creativecdn.com
prebid-us.creativecdn.com
prebid.deepintent.com
premiumsrv.aniview.com
pubads.g.doubleclick.net
publisher-assets.spot.im
pubmatic-match.dotomi.com
r.turn.com
rtb.gumgum.com
rumcdn.geoedge.be
s.ad.smaato.net
s.adtelligent.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
spot-im-d.openx.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.spot.im
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adaptv.advertising.com
sync.adtelligent.com
sync.aniview.com
sync.crwdcntrl.net
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tag.1rx.io
tag.targeting.unrulymedia.com
tags.crwdcntrl.net
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
trends.revcontent.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vice-staging-web-statics-cdn.viceops.net
vice-web-statics-cdn.vice.com
visitor.fiftyt.com
vmg-ash.gscontxt.net
widget-pixels.outbrain.com
widgets.outbrain.com
ws.rqtrk.eu
www.congreso-hidalgo.gob.mx
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.refinery29.com
x.bidswitch.net
sync.adaptv.advertising.com
tag.1rx.io
www.refinery29.com
104.109.78.125
104.111.232.26
129.213.193.172
13.224.193.129
13.224.193.44
13.224.194.214
13.248.242.197
138.201.84.252
142.250.185.98
151.101.113.132
151.101.114.132
151.101.13.132
151.101.14.137
151.101.14.49
159.253.128.188
159.65.196.12
162.55.6.212
169.197.150.8
178.250.0.163
178.250.2.131
178.250.2.146
18.156.99.44
18.157.50.45
18.198.69.109
18.208.241.4
18.235.17.58
184.73.29.148
185.184.10.30
185.184.8.65
185.255.84.150
185.29.135.234
185.33.220.241
185.33.221.89
185.64.189.112
185.64.189.249
185.64.190.78
185.64.190.80
185.64.190.81
185.94.180.123
185.94.180.125
187.210.168.163
198.148.27.140
199.232.137.44
2.16.186.139
2.18.232.130
2.18.232.28
2.18.233.180
2.18.234.190
2.18.234.21
2.19.35.65
2001:678:cb4:bbbb::11
213.155.156.167
213.174.135.1
213.174.135.2
213.19.147.43
213.19.147.44
213.19.162.31
216.58.212.162
23.227.137.155
23.37.38.181
23.55.161.136
23.55.161.154
23.55.161.155
23.55.161.165
2600:9000:2104:6a00:4:b37b:9440:93a1
2606:4700:10::6816:1857
2606:4700:3039::6815:c035
2606:4700::6812:d05
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2006
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2003
2a02:2638:1::13
2a02:2638::3
2a02:26f0:120::211:7b51
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:ba83
2a02:26f0:6c00::210:bb21
2a02:fa8:8806:12::1400
2a04:4e42:3::300
2a05:d018:24:b001:cff3:ca6f:14e6:5ad7
2a0c:5c81:5139::2
2a0c:5c81:5142::2
3.126.56.137
3.66.135.160
3.91.110.183
34.120.133.55
34.202.70.106
34.203.187.185
34.204.19.158
34.239.198.206
34.249.31.122
34.251.173.19
34.254.147.143
34.98.107.212
35.201.96.126
35.227.248.159
35.241.40.233
35.244.159.8
35.244.174.68
37.157.2.235
38.27.122.126
51.68.39.188
51.75.146.160
51.89.7.110
51.89.9.253
52.200.170.47
52.28.203.152
52.28.254.214
52.30.140.199
52.44.237.179
52.46.130.13
52.48.137.92
52.58.55.232
54.236.220.178
54.246.13.173
54.38.38.194
54.74.23.153
54.78.254.47
54.86.120.215
54.91.110.216
62.149.0.72
63.251.232.170
64.202.112.191
64.74.236.159
65.9.77.69
66.155.71.25
69.173.144.138
69.173.144.139
70.42.32.95
72.251.249.14
77.243.60.138
8.43.72.97
85.114.159.93
87.98.252.5
88.99.165.19
88.99.70.21
96.16.110.34
00360bf7da5877d4987d9eb767ecf8d4093abcf131489f924c181a5edccea89c
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
018192dc51109d6eee66295993dbd0ea41d4f555e822a841de6c9cd4f6fbc9d7
0211373f81969f94f38b469f296ed0f9bdb49e25f9b2198fe27cff81f69d07b9
043620585bc36b30e13dab7d9a8a85e8baa82be8897a19e4e4a269114409b8da
04b2684e2a85ed8bf65eb0e6a3b4d942ebe82fcec4169bf3b322b9ad06f6565f
051b7ca69f1539dc7a0a4eac38e091bf9e782f4bc48236778e94cf6a6f860d88
06754109cf2f4c003217a82b0b49ef07788e288b44374def0d55f7f6327737c9
08623e37a99882f5ed8feec7beb0bdc8a55742d8a65af3599ea08889c03fd7f4
0b31a1724305381a819d63a0678dba1a69173cb34a30d30787ee7bb9ec0b78c3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d786c19ebcad5db8fa1786cd02c41cde0f76cd421eb4569b714ca9a286f1db2
0f28701b83871db34ce9710c05825f96bcb773cb6d86874e4999af81f59976d3
0faf6a64fdd6aeae59afed501b534ae750c86c7598d7d253de20b81c44691368
1272dca7cfd9ed1d1335d738a2fe09be6cebccec87fabe2b3d4dc111abc43a98
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
132350ee70f4330bcc43d2773e1715fcbdb48838b3d42135854f4a997a48ffb9
14110e99338f4a4d46f3962d79084ad0e5c056e12d83a6614cc8f66f8de25c2f
14fc395ad49ae416330b86596c58cfa774d3910503b94a25c51743a35a5a6288
17437cbb14bbf7e945e5d70666a56d564df893e57b30215c654f61cd91ce02da
17de803e6c4b0df36effa2d60567de1a5740276fa035a2b01e35329bcce8a049
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18de2f92c4cd97aaf4b2a950859995b681f1b24fad046e04fac3f16ddcd7dc28
195b2557cb235fb953c3202bed1e41bef6e7c502eb146ec0dd3868148c5682b5
1a3222b50ed6ed13d597edf2e860cf5a3da0af68a68937d30c7c251a4ba5fdf0
1c41479fb36480ef6fa1bf9a6d80e8736185f251667925d0bdb0f79a1cbfa672
1cb1fb7abc14c9f0c1aebb5358667d989c94169f5c130d4a22e1ae1f543df395
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1ce694dab027e07c11bf9ac6eadea70d86513e62aa742deef0cb30b1eb2e6dc7
1d98f8c7fc5e855c620d9b8f0c9094b7d66777ce9706bf970c7bad399cd3381c
206d36d72b44c9350e1637827b29b646a6aa57a6d9fdf00ba934c86a3bacbc44
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67
23c0947572f2ebf64a7de618bfcd053231bf0e5403cd33b3cc4a7f26ab63b145
23d8a2ebafc8a0dbd3e3641007e8f05fb051152e4b87219f4653866ba522c689
240402e77a958d701d4efc64edd7ce0569182676b328b07603874c07a4ca4683
25018815690d6ad0c3f271dbd8c5454a437bde3b99b810b91a0c1c0b52784300
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26c185f19d8230984c32a2066cfd521426a34900832b9a490be48639ca6087dd
295a5b6bc90a379ca00d7887c5d42f06184aa14561e4e03549d4a0a808c74d6c
2c1994f59b9b548a1c2c91902a59635895a9769e6eda7fac131f7bb2e7ff1e3c
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0bf78091b6d41efcb26d970994b0403a9ca35c540e37c729676282eb30f9a7
2f1243de8a2fa46400142a7f450cbd82e2df74390a1c0abd9ba54fa0c20a0fea
2f6e41f66e70d5e030908e8f8ce058f35a019aaf6eaeabd216cecc9c01745396
319cd584d0eafd2b782b2fcd8919d64b7a57286abb0be4dbb7e5b725ce235ef3
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ef45c78918f8fe2b762cb99838abc2b2f013f77991c7d717a0d342d282c946
384b1ed11a30aa808b3c3ee83198f8e4be3e9d1e17bd616f2652ed640b2e374c
386fdc063748f08acf965b57f33d9a1aae61ca6750f987cb7049cdc6716249eb
3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda
3d33b1b84625f1197da654f3c71c2ea6ab2e9af51df73c9ac24f77ffb548234c
3de1e0aea6370e0f8c570ebba1529c47a3fe619dd674fc729524dab1c12df699
3ea87d8ad4e47054cb34576d94196bf11313a7f705a6b38eb13807de2a02433d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f053d9748f3b5be9a42c15a9f2c798afc22fd98cdb5bec5cb4c54d735efcc92
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
427ebdb6e349df648813d08e0e98b3f2f9540a7bf489bc4721263e46aaa8bc3f
437a7c683780875b20ca2e73888396c8111ccbf7a6aa26f035d7c33cc57af360
452d1771c6e4f4a4981f681d311aabb02f3b79661e4b3688293506891c4549ad
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492495e9e680b7bfd951e115b400497f16c2c8f9dc7ac291acaefc9a040a1990
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dc4abcd99f7976c1a0938575631974c55fa42bf76681e84ca56aeea3180966e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52aadf7af134fd4eaa2463dbc847706115c7d75e86f19484ba4f4fe1d75286a7
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
569747c40f2ce2235766abb3e511985130c809f46cc5e0c707fc1fe84579f925
5757b5dc1d1b18999d2297d763c13f7ced7b7b8c2eaf42f383d8234585d1ffb8
579662a37887b9d38fdb80d1f6aba9dd2ad1f830d2906cc372d593a9c0dd86da
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
59baab146d327cae9a561c7af606700a5c2945a24cf30a0d4e175f8895b4107c
5c587f4e5e9b4741fab6372d253712eb13503f65b0d66aab6e0fa93e29a93d91
5cc9bef7737bcbc1b92fb601a0ef3d0960929abca9bb96a6813c2d0637a61153
5eebf16fec164a6ac54a1cec49c23fbb752042aabf1be2722575a712946856af
61080b98536b5045037b7bf361a8a452649b6b59e83a868c2a8045bd051e4c14
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
645ea3f3d0b5a84fb7834cf7ddd7152d4204cdfbed508fba54fa92a7d866b6c0
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
688966c3a481f6f6867e350d3882f4df19687902adc581a4f6caf4770d18e11c
68e7df26059086d9272d508faf4c81a7bf36e9919eaf7ece231e3dcca8200697
6a66f950e222c9678ddcd06a8bd62cb881de35d2d7e54ff7112e03b363ba9228
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fbbbb4a940df270c3add2c7e1e4f35c5a0065bf6031858c9160a0ff8fd32e8c
70d96ef568bd8d31143ff7812e0d302225cb5ce822da92907e5c4f8a80187dc9
71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab
715896ae5970af69c2f5fb3ba95af7930a3fd9a224052e60d49bbb8711fa64cb
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
71b6b6ac60e26eb01b3e6aa32331a5d76b3dc489f00dea6f0b7a2e0fed776fde
71f5d45a5b58d9a8e981a880f3f3a688de7b944cb69d40b95dbf52a23ca718cf
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7361ffd3db7b17d11ee47213d9492a977f233a0768dffd9c0254702b1c329960
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7771494e6151c8a9e0320a6409144b034a766e13bb7440f9c7d7c4a0bfd0ddf8
7b2fc98d710e1338b207958e7ae3555c4e9bcf287d162ce4192bdb72fb802bd8
7b87fae8b003dab4883f88e460c89fba25a13d656590af43aa77ae49ab2fb301
7c7213c0a1ab0dcae398e0306e5712dddce4a8a999ac90e57b7dbe67868fefba
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7e01a23e178bc8f11198ebde7cd63f13129ad28eb751cfb86f51fe8f1986320f
7e35ca1a15fb5e4ea40f5cd6e8ba9ae2546fdf6e589d35f7e2caf47cb12c5894
7eb9eab81b5093d996e805087b27a81d823b13e362558dd43b3bf837445503d7
7ec932d1b3ac045e6357a42ff0c7b392bc561d6b7cfcc4dbf1eb6ec6df1468ec
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
809b4c0685581f80e57351f1d4e5ae1baf7b672e97d5bfe8325baa350ddebfab
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8357f3409662c3ba2feb772eff501704fd22b462e3df397759dd4b4e22be8671
84e5ec7f19575223d5e52b59337e0d7238c7e21af8dc4e3ec0e913a2ad759103
865893b1a8f102f54903e3276785626b28a9ab81e96d8b7417520134b0e1f34d
86be0cca0343bf694250198cf44ef0067171c63835751e738d88ebee314a24ac
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
893a6d7cdfeccfb53593a24522b8fe543dbb9d58cf25e593134b04df737bbcfe
89b21e69ab4d73a2f4676d62d6fa47fe4c2f6a21239ef20bcb628f50316e5cb8
89f9523ed6ee42db29969af142573a35a677d32f880875f4a0ca50c894d9faf3
8a9a19e56cdf55a52ccdc15ae0f7bc04cf281e9039c1f33383266fe60df71b51
8af3e315d35d120dd008e9eb06084091f1358839999e1f5fd452b9949d9776b8
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
902dde5c61e28b2ea557a81ff2d3a2be505654f7a8d74b35c52410f47dc75f66
905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4
909fb0fd4e85eea2a2cd5ad8c30347057a5e2ea28bdd5844128971c45d028ad6
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92a4971ae47eb037307e17f0bbcc41d312a2181dae5d1e0df302b1e06ea8aa71
938dba42941f6d282ecb122474ab6ad8f06aebfb0360f37449b71eef87e46f5d
941b91d66b7755eb06831c086cdf8f0141146bbfebfd65b8e68698b606a6cc4c
9746bb1893c00f5233ab9c6b2a2785def994591bf1a00e46957399ef0309dd13
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
98ccd33e523985efa588344a13932892db38b1335243f989dd366450db8ea68d
99959ab76c3608135bf3f8d70865816747e4c9e25ac69bc1003689e358b80ba3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e3d0a0f7b92b109c9c21035daef51486ff1ed73b5a3bdbe5b487e5619d8240
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0aa07a85cc58c818c900dc3cc824c360db91a240cbf11349a149cc5ef570bf
9cba4d9bade84259b9cc61590128fd0c560c9ac70d804fe25b8a807eae405cbc
9ebe6766cc19f184afe899ae9274e58cd6d18aa451a73940cc3056a9d6d3a196
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4639b045699fb4568c1f9b6e7f2fb727c6533d22d337d3e13027934ca020d68
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b26332c85d19bca235c5b44dc0b161232a5082945fd624df3f1045fadc487b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a896b014e6a8de2dae8b9f1153f0e53e9a53bd8205bf04dc4b21bfe49dcd8348
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aa53c157bec914c2021681efef78d3dca872c70fce23c2349a804543ba03aa81
ad7f0af3ee47cdc38859bad1450767a136cccb0e031f2ac08fb478f34e4b3af7
ad7f5d82e23fafe6f8edb75b2568d4b145bf6a4525cbe2eeb4b30b9f0db74795
affb464f93a3bb105a3a4bf11a2e07a415d0fa82b88c5b95c26a1201b27ec300
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3108e183126c0f649bd0c5e1c5dc852fc11de1e1fecdd7d2007d708c09834ee
b4857233da2154c00b47698c6f1981544c0a714e6dec16f404d6aa477e1cf3cb
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bc07b0934a07ee3d0f7ceeacf93e5f6c838786907fe831316f85b63a3a66be6e
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bfa312138adeb8f6b77482996407875374b6fd277b673f2dd2b65848833b63d1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c364bbd3730196adce028605e7c630389a6a2736fceb342dbaceea8b5f19e338
c42c2f9a137aec026a841e1e4fe2aea76e97fbd40305f14721a6145676749305
c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdca62769b403ef70d7ffb1cf302036c91a633fb5673a3bfcb9a83c74cac465b
ce5c122b136af230ee8568d3a48bc5629b0ddee56690ae3079aba76afba91139
ceba3fcb041ce8b7a2ce0758b0f7404f07c12955fa89ae3429d9bd44d90d1999
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d56a977c5da17374230f62a573fddc29445cd6d0b03d077711c635f8f5c379a3
d5d2baa2ac651262e559202c0f1fc95683b64f0ba903c55219788b95e348425d
d5d8142c2f02eda71189ac046aa11019d8ca8519ae030f6549d12c7ebf7fe991
d667eb2aa3572d7e9ab137db2eb4d37f07fabe1f4a0e8e3be3cd1d630ddc31a9
d670b344e25b5eb3855cab47be4a004ff12027e03d9462751efb14ddd7332145
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
da20aad92ff5801fb2533cd2211769e1c39dca54844a9521b33d88654b652f0b
da47d25bde260aaac30fba5ce9ff1ccd5b62b15e3884f1fc40d4d5c5222b8740
daf8352e0e48c693f07bd1fa9dad6e342d69be4589c74ab7f1af0dc223715576
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dedbd0552d1e2e6046eefbc3e207dba9e630161ceaf1c717204a8f0ef3e5a628
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e594f2d564eea7558f79bc92e84cde4ce0a7f2dd89bbff00112d9023d09ade1f
e96512295b6e834f5387435cffa346e7af51a41748daa6ce8cffb9b4eda3b2f4
ed276c4260d06014aaf9d73539a25eecaebb556de926a27a687fcdf62fc23efe
ed3f20f434fc8b826736fc729a246b0defbb1d6fd93f146f291ce72e68890478
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f081d2381987b06fd8bfc2b2cc7300833ae12e4377174c426d7e705e7f4f0b03
f0874ea51afc495bd55879a45362a95ff94657385504fa197315e23e63984c8d
f1e60bcd1bee9cd8ecb993ec95882ce53c5ebc06c3e3925cb2531b4b396b2252
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f32287d6bb73f9b8f40dd963a4705ee1eac7bdb7a8a1a7bd366ca72bbf51a947
f50922b0c4e9921da0238ce6040397ac33b884e2eb8c618c3f18535c5ab841ab
f639e1a971f1b8f1739213cf4a57559afbe37c737f3c742344830f7f959fd1e5
f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66
f7f50ceea4dcad83eea61dff325d95f0b850b87d8624192f5a4e503dfef3ff3c
fba03f80d4f80db33a4bafca980ecf3849c538988d1beedc747fa982b6850c5d
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fd4403ab2efacd25b50b97b137055ec9d17f6be416339e44261ecc4692abb873
feea77174e6a3918d390de5fc46c19925da87adbb3398c79ecc3e434daf3e6ae
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9
ff52217d99a27a2d5b606b3930f79174800fe1f79e8d83a7d0a6834f72ef6309