www.secure-bluebird.com Open in urlscan Pro
194.32.77.243 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.secure-bluebird.com/
Submission: On November 20 via automatic, source certstream-suspicious (November 20th 2021, 10:34:56 pm UTC) — Scanned from DE

Summary HTTP 80 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 30 domains to perform 80 HTTP transactions. The main IP is 194.32.77.243, located in Frankfurt am Main, Germany and belongs to MVPS www.mvps.net, CY. The main domain is www.secure-bluebird.com.
TLS certificate: Issued by R3 on November 20th 2021. Valid for: 3 months.

This is the only time www.secure-bluebird.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	194.32.77.243 194.32.77.243	202448 (MVPS www....) (MVPS www.mvps.net)
5	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	52.208.127.56 52.208.127.56	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
5	104.111.244.187 104.111.244.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:215... 2600:9000:2156:a000:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2 6	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 2	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.59.21.149 52.59.21.149	16509 (AMAZON-02) (AMAZON-02)
1 1	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.229.229.140 3.229.229.140	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4264:d436:a7a1:a7a:c65e	14618 (AMAZON-AES) (AMAZON-AES)
1	35.156.119.137 35.156.119.137	16509 (AMAZON-02) (AMAZON-02)
1	52.17.218.77 52.17.218.77	16509 (AMAZON-02) (AMAZON-02)
1 2	18.195.106.43 18.195.106.43	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
80	28

35 194.32.77.243 (Frankfurt am Main, Germany)

ASN202448 (MVPS www.mvps.net, CY)
PTR: no-reverse-yet.local

www.secure-bluebird.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.127.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-127-56.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
incommholdings.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.244.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-187.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:a000:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20833175p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

incommholdingsbluebirdprod.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.145 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.21.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-21-149.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.33 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.229.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-229-140.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:d436:a7a1:a7a:c65e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.119.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-119-137.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.218.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-218-77.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.106.43 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	secure-bluebird.com www.secure-bluebird.com	838 KB
6	rfihub.com 2 redirects 20833175p.rfihub.com a.rfihub.com p.rfihub.com	9 KB
5	evidon.com c.evidon.com	30 KB
5	adobedtm.com assets.adobedtm.com	107 KB
4	doubleclick.net 3 redirects cm.g.doubleclick.net googleads.g.doubleclick.net	2 KB
4	demdex.net dpm.demdex.net incommholdings.demdex.net	6 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com	1010 B
3	gstatic.com www.gstatic.com	328 KB
3	google.com www.google.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	everesttech.net 2 redirects cm.everesttech.net sync-tm.everesttech.net	733 B
1	google.de www.google.de	548 B
1	krxd.net beacon.krxd.net	338 B
1	agkn.com aa.agkn.com	238 B
1	tremorhub.com partners.tremorhub.com	183 B
1	addthis.com x.dlx.addthis.com	191 B
1	rtactivate.com bpi.rtactivate.com	109 B
1	rezync.com 1 redirects live.rezync.com	785 B
1	serving-sys.com bs.serving-sys.com	105 B
1	media.net contextual.media.net	614 B
1	eyeota.net ps.eyeota.net	344 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	bluekai.com 1 redirects stags.bluekai.com	676 B
1	googleadservices.com www.googleadservices.com	15 KB
1	2o7.net incommholdingsbluebirdprod.112.2o7.net	394 B
1	googletagmanager.com www.googletagmanager.com	50 KB
1	rfihub.net c1.rfihub.net	6 KB
80	30

	Domain	Requested by
35	www.secure-bluebird.com	www.secure-bluebird.com
5	c.evidon.com	www.secure-bluebird.com c.evidon.com
5	assets.adobedtm.com	www.secure-bluebird.com
4	p.rfihub.com	2 redirects
3	idsync.rlcdn.com	1 redirects
3	cm.g.doubleclick.net	3 redirects
3	dpm.demdex.net	www.secure-bluebird.com
3	www.gstatic.com	www.secure-bluebird.com www.google.com
3	www.google.com	www.secure-bluebird.com www.gstatic.com
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ib.adnxs.com	1 redirects
1	www.google.de
1	googleads.g.doubleclick.net	www.googleadservices.com
1	sync-tm.everesttech.net	1 redirects
1	beacon.krxd.net
1	aa.agkn.com
1	partners.tremorhub.com
1	x.dlx.addthis.com
1	bpi.rtactivate.com
1	live.rezync.com	1 redirects
1	bs.serving-sys.com
1	contextual.media.net
1	ps.eyeota.net
1	pixel.rubiconproject.com
1	stags.bluekai.com	1 redirects
1	a.rfihub.com
1	www.googleadservices.com	www.secure-bluebird.com
1	incommholdingsbluebirdprod.112.2o7.net
1	www.googletagmanager.com	www.secure-bluebird.com
1	20833175p.rfihub.com	www.secure-bluebird.com
1	c1.rfihub.net	www.secure-bluebird.com
1	cm.everesttech.net	1 redirects
1	incommholdings.demdex.net	www.secure-bluebird.com
80	35

This site contains links to these domains. Also see Links.

Domain
secure.bluebird.com
www.bluebird.com
www.americanexpress.com

Subject Issuer	Validity	Valid
secure-bluebird.com R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.evidon.com DigiCert SHA2 Secure Server CA	`2021-05-30` - `2022-06-08`	a year	crt.sh
*.rfihub.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-10` - `2022-02-10`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.112.2o7.net DigiCert TLS RSA SHA256 2020 CA1	`2021-04-14` - `2022-04-20`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.secure-bluebird.com/
Frame ID: A8023839A39231B20509A42C88A6DFF3
Requests: 51 HTTP requests in this frame

Frame: https://www.secure-bluebird.com/index_files/anchor.html
Frame ID: C587A60DE6CDD02C79F69E15EA27A3AC
Requests: 3 HTTP requests in this frame

Frame: https://www.secure-bluebird.com/index_files/saved_resource.html
Frame ID: E62DB38FC789940CB02BF06F1C81C2D9
Requests: 1 HTTP requests in this frame

Frame: https://www.secure-bluebird.com/index_files/saved_resource(1).html
Frame ID: 6F331CF2F0800AB12D015702FB1FBFC2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeD5cUZAAAAAHHoJkOMsfV0aW3sfJBygFvSYqE4&co=aHR0cHM6Ly93d3cuc2VjdXJlLWJsdWViaXJkLmNvbTo0NDM.&hl=ru&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=5askfv6q2kdy
Frame ID: AB3E311BBE2C889097BE2A9F29DA64D7
Requests: 3 HTTP requests in this frame

Frame: https://www.secure-bluebird.com/index_files/saved_resource(2).html
Frame ID: 11898FB184FB1F931B030FECE6F8ADC9
Requests: 1 HTTP requests in this frame

Frame: https://incommholdings.demdex.net/dest5.html?d_nsid=0
Frame ID: 8AB1F0DE7CD2B25ABF8A56A610E8B0F8
Requests: 1 HTTP requests in this frame

Frame: https://20833175p.rfihub.com/ca.html?ver=9&rb=44097&ca=20833175&_o=44097&_t=20833175&pe=https%3A%2F%2Fwww.secure-bluebird.com%2F&pf=&ra=18264176434746338
Frame ID: B16431CE1E2D4A7AE174DD510BBDC66F
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Bluebird

Page Statistics

80
Requests

88 %
HTTPS

26 %
IPv6

30
Domains

35
Subdomains

28
IPs

5
Countries

1398 kB
Transfer

3973 kB
Size

33
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.bluebird.com/#main
Title: Skip to Main Content

Search URL Search Domain Scan URL

URL: https://secure.bluebird.com/

Search URL Search Domain Scan URL

URL: https://secure.bluebird.com/signup1
Title: Create one today!

Search URL Search Domain Scan URL

URL: https://secure.bluebird.com/login/forgotcredentials
Title: Forgot username/password?

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/bankaccount
Title: Bluebird Bank Account

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/prepaidaccount
Title: Bluebird Prepaid Debit Account

Search URL Search Domain Scan URL

URL: https://secure.bluebird.com/activate
Title: Activate My Card

Search URL Search Domain Scan URL

URL: https://secure.bluebird.com/retailcard
Title: Check Temporary Card Balance

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/legal
Title: Legal/Privacy

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/faqs
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/faqs#contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/legal/member-agreement
Title: Member Agreement

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/prepaid/state-licensing.html
Title: Click here

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/faqs/stay-in-the-know
Title: Click here

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/company/privacy-center/online-privacy-disclosures/
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/legal/bankaccount-privacy
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/legal/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://cm.everesttech.net/cm/dd?d_uuid=39912129146877572931063879265252898452 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZl4CwAAAL2JugQE

Request Chain 58

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMDM0NjM1NDY0MA==&forward= HTTP 302
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMDM0NjM1NDY0MA==&forward=&google_tc= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAFGSTIJoS_xI-c4AZ4z9dw&google_cver=1

Request Chain 59

https://ib.adnxs.com/setuid?entity=18&code=5124322320346354640 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322320346354640

Request Chain 60

https://stags.bluekai.com/site/4722?id=5124322320346354640&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 63

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5124322320346354640&bid=omt9pi0

Request Chain 66

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322320346354640&referrer=https%3A%2F%2Fwww.secure-bluebird.com%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=12f763da-1ebf-4f0e-8eba-31d574bc7475%3A1637447691.89&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D12f763da-1ebf-4f0e-8eba-31d574bc7475%253A1637447691.89 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=12f763da-1ebf-4f0e-8eba-31d574bc7475%3A1637447691.89 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ5AeOlr0WuxJIE1FAYnSII&google_cver=1

Request Chain 68

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322320346354640&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322320346354640&forward=&C=1

Request Chain 71

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322320346354640&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322320346354640&img=1&__user_check__=1&sync_id=13a40adc-4a52-11ec-b340-1708f5200406

Request Chain 75

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322320346354640&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322320346354640&expires=30

Request Chain 76

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YZl4CwAAAL2JugQE

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.secure-bluebird.com/ 18 KB
6 KB 39ms
11ms Document
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 08dd3fea0cacd7dc3f816ede89b9234d6746ead0d3be4cf06ee3493f40f604d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Type: text/html
Content-Length: 6341
Connection: keep-alive
Last-Modified: Sat, 20 Nov 2021 22:33:51 GMT
ETag: "4845-5d13ffc657268-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK recaptcha__ru.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 380 KB
138 KB 56ms
56ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/recaptcha__ru.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: d59d8f4b25b32c07d4a42a0b568cd7ea715878dcd3251de27cb9502aee2bc787

Request headers

Referer: https://www.secure-bluebird.com/
Origin: https://www.secure-bluebird.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:39 GMT
Server: nginx
ETag: "5ee48-5d13ffbb4cf50-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK et.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 98 B
417 B 60ms
9ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/et.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 139d3073d96ba2e8741c8a7247d4bc4705ad01c1fdef207043080e8288ff3298

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:42 GMT
Server: nginx
ETag: "62-5d13ffbe4f788-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117

GET
H/1.1 200
OK 6.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 1 KB
1 KB 9ms
9ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/6.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 9c6d7cfc7c456b2530513c5b7e40e6ee657cc3fea60a45ded262ebbc6e60973f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:47 GMT
Server: nginx
ETag: "411-5d13ffc31a0ae-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 830

GET
H/1.1 200
OK f.txt Show response
www.secure-bluebird.com/index_files/ 37 KB
14 KB 11ms
10ms Script
text/plain 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/f.txt
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 4f84baa916f797921af359b333dc340ab665b913c483e1f252617eaf3b85de51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:44 GMT
Server: nginx
ETag: W/"619977c8-9486"
Vary: Accept-Encoding
Content-Type: text/plain
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tc.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 19 KB
6 KB 14ms
12ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/tc.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:33 GMT
Server: nginx
ETag: "4c2a-5d13ffb522d1f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6162

GET
H/1.1 200
OK cc.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 37 KB
15 KB 16ms
15ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/cc.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 77e03cda4a666914edca889a658cd3ce889dc91dff0f4e7fbef66d8d42dd3c65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:47 GMT
Server: nginx
ETag: "953d-5d13ffc2c032b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14779

GET
H/1.1 200
OK nly-Crima-Tray-how-All-Malcompt-I-helpe-deliuenl Show response
www.secure-bluebird.com/index_files/ 127 KB
127 KB 14ms
13ms Script
text/plain 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/nly-Crima-Tray-how-All-Malcompt-I-helpe-deliuenl
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: bc09aea0d52534a53b4aa787e07761565df63ba6d6010409f0da4f1622c5d719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Last-Modified: Sat, 20 Nov 2021 22:33:41 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
ETag: "1fbc1-5d13ffbcf1dbd"
Content-Length: 129985

GET
H/1.1 200
OK env-config.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 790 B
758 B 56ms
33ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/env-config.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 02eebb68d23e29b3c8b0557b6e4087f3c6b875301255fe960efb7f1ec3049111

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:34 GMT
Server: nginx
ETag: "316-5d13ffb658649-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 457

GET
H/1.1 200
OK launch-44ba98fb83ed.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 319 KB
90 KB 23ms
21ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/launch-44ba98fb83ed.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 09a6dc4063514e71d9f7a441fe529a5acde00e622c36146aecc21cbaa20207be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:44 GMT
Server: nginx
ETag: "4faf6-5d13ffc053198-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK Bluebird_GlobalDLO.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 4 KB
986 B 43ms
19ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/Bluebird_GlobalDLO.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 971e89223e30f7db5ce5fff50c26ac94177701cbf5df62b2a580f72d6dfa8ad8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:49 GMT
Server: nginx
ETag: "103c-5d13ffc478a19-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 684

GET
H/1.1 200
OK messageapi.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 126 KB
33 KB 64ms
37ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/messageapi.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 71df5d1b9ec8f5ad2f7d3ff70373775c509e88ebbab8710c16a2de354353b3a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:36 GMT
Server: nginx
ETag: "1f956-5d13ffb8458f8-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33968

GET
H/1.1 200
OK 2.07d45e55.chunk.css
www.secure-bluebird.com/index_files/ 15 KB
7 KB 26ms
13ms Stylesheet
text/css 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/2.07d45e55.chunk.css
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: d89c3dfb07867e92b19b354ae45f6597df000acd7293bf8c41a3fb4814b7c1d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:27 GMT
Server: nginx
ETag: W/"619977b7-3a4b"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.b5198c8d.chunk.css
www.secure-bluebird.com/index_files/ 517 KB
60 KB 37ms
23ms Stylesheet
text/css 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: aeb54a5d166b2cad99916c0913421995cfb2b24a76a39a920263b17e1e15c7e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:28 GMT
Server: nginx
ETag: W/"619977b8-81332"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK AppMeasurement.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 33 KB
12 KB 17ms
16ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/AppMeasurement.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:41 GMT
Server: nginx
ETag: "82c9-5d13ffbcc7ddc-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12186

GET
H/1.1 200
OK AppMeasurement_Module_ActivityMap.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 3 KB
2 KB 9ms
8ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/AppMeasurement_Module_ActivityMap.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:42 GMT
Server: nginx
ETag: "ce7-5d13ffbdfe6a5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1593

GET
H/1.1 200
OK js Show response
www.secure-bluebird.com/index_files/ 133 KB
133 KB 11ms
11ms Script
text/plain 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/js
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: e19493be7608180b96b83602b373bb56b970ed535553321d63aa1846e235c6bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Last-Modified: Sat, 20 Nov 2021 22:33:31 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
ETag: "212d3-5d13ffb379092"
Content-Length: 135891

GET
H/1.1 200
OK f(1).txt Show response
www.secure-bluebird.com/index_files/ 2 KB
1 KB 49ms
7ms Script
text/plain 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/f(1).txt
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 153c4a34711595fd4d5626d337570664e0c8b5946df17574a28563ed7612eda7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:45 GMT
Server: nginx
ETag: W/"619977c9-6b7"
Vary: Accept-Encoding
Content-Type: text/plain
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Logo.79a8bd90.svg
www.secure-bluebird.com/index_files/ 2 KB
1 KB 11ms
7ms Image
image/svg+xml 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.secure-bluebird.com/index_files/Logo.79a8bd90.svg
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 363c5f667467a45d02192430f1cad5782a529d74a92acd6b3711d4007bfa52c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:46 GMT
Server: nginx
ETag: W/"619977ca-9eb"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK api.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ 884 B
886 B 9ms
9ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/api.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 97a17cc1a4f61bf019046b53ed7dbba0289ed3daec451dc4417f758ae0afdc38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:29 GMT
Server: nginx
ETag: "374-5d13ffb1746e2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 585

GET
H2 200 launch-44ba98fb83ed.min.js Show response
assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/ 320 KB
91 KB 50ms
15ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/launch-44ba98fb83ed.min.js
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5df96911f0f8c3aae5d4281ea958f34f51f1f32e926f1f12ba213d14917b912f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 19:34:41 GMT
server: AkamaiNetStorage
etag: "54faafbe47b2efd7c59f04ed341c4825:1636659281.411308"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.secure-bluebird.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 92747
expires: Sat, 20 Nov 2021 23:34:51 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/350469249/ 42 B
548 B 42ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/350469249/?random=1636978311630&cv=9&fst=1636977600000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=864&u_w=1536&u_ah=826&u_aw=1536&u_cd=24&u_his=3&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.bluebird.com%2F&ref=https%3A%2F%2Fwww.bluebird.com%2F&tiba=Login%20-%20Bluebird&async=1&fmt=3&is_vtc=1&random=88610860&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 22:34:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 172 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 166ed11ecd28aa9d58073354c5480194eb2bfaa9ead67d3fc3ca21da9acb4eac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 404
Not Found poppins-v15-latin-regular.5b8f3ba8.woff2
www.secure-bluebird.com/static/media/ 0
0 15ms
8ms Font
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-regular.5b8f3ba8.woff2
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash

Request headers

Referer: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Origin: https://www.secure-bluebird.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 21:47:01 GMT
Server: nginx
ETag: W/"598-5d13f54eed0af"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 404
Not Found poppins-v15-latin-600.e49343f0.woff2
www.secure-bluebird.com/static/media/ 0
0 18ms
9ms Font
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-600.e49343f0.woff2
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash

Request headers

Referer: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Origin: https://www.secure-bluebird.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 21:47:01 GMT
Server: nginx
ETag: W/"598-5d13f54eed0af"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 404
Not Found poppins-v15-latin-500.dc16a359.woff2
www.secure-bluebird.com/static/media/ 0
0 20ms
8ms Font
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-500.dc16a359.woff2
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash

Request headers

Referer: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Origin: https://www.secure-bluebird.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 21:47:01 GMT
Server: nginx
ETag: W/"598-5d13f54eed0af"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK anchor.html Show response
www.secure-bluebird.com/index_files/ Frame C587 42 KB
22 KB 11ms
9ms Document
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/anchor.html
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 6d7a228b83852bad0e3e1e70faa1d6b7e6710b91d2406478a54a2271a63d4757

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/

Response headers

Server: nginx
Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Type: text/html
Last-Modified: Sat, 20 Nov 2021 22:33:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"619977ce-a74b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

GET
H/1.1 200
OK saved_resource.html Show response
www.secure-bluebird.com/index_files/ Frame E62D 149 B
453 B 10ms
8ms Document
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/saved_resource.html
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/

Response headers

Server: nginx
Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Type: text/html
Content-Length: 149
Last-Modified: Sat, 20 Nov 2021 22:33:49 GMT
Connection: keep-alive
ETag: "619977cd-95"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 200
OK saved_resource(1).html Show response
www.secure-bluebird.com/index_files/ Frame 6F33 268 B
573 B 8ms
7ms Document
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/saved_resource(1).html
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: e6515f06ad97dd59f7010f12e12bd07e3a668fadf32b06923a2bd538a0f0661b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/

Response headers

Server: nginx
Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Type: text/html
Content-Length: 268
Last-Modified: Sat, 20 Nov 2021 22:33:35 GMT
Connection: keep-alive
ETag: "619977bf-10c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 404
Not Found poppins-v15-latin-regular.c14093ce.woff
www.secure-bluebird.com/static/media/ 0
0 12ms
11ms Font
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-regular.c14093ce.woff
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash

Request headers

Referer: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Origin: https://www.secure-bluebird.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 21:47:01 GMT
Server: nginx
ETag: W/"598-5d13f54eed0af"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 404
Not Found poppins-v15-latin-600.8c4516c5.woff
www.secure-bluebird.com/static/media/ 0
0 9ms
9ms Font
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-600.8c4516c5.woff
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash

Request headers

Referer: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Origin: https://www.secure-bluebird.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 21:47:01 GMT
Server: nginx
ETag: W/"598-5d13f54eed0af"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 404
Not Found poppins-v15-latin-500.ff86872b.woff
www.secure-bluebird.com/static/media/ 0
0 16ms
9ms Font
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-500.ff86872b.woff
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash

Request headers

Referer: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Origin: https://www.secure-bluebird.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 21:47:01 GMT
Server: nginx
ETag: W/"598-5d13f54eed0af"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 404
Not Found poppins-v15-latin-600.154211b0.ttf
www.secure-bluebird.com/static/media/ 0
0 10ms
9ms Font
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-600.154211b0.ttf
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash

Request headers

Referer: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Origin: https://www.secure-bluebird.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 21:47:01 GMT
Server: nginx
ETag: W/"598-5d13f54eed0af"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 404
Not Found poppins-v15-latin-regular.b739ab04.ttf
www.secure-bluebird.com/static/media/ 0
0 9ms
9ms Font
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-regular.b739ab04.ttf
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash

Request headers

Referer: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Origin: https://www.secure-bluebird.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 21:47:01 GMT
Server: nginx
ETag: W/"598-5d13f54eed0af"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 404
Not Found poppins-v15-latin-500.9b645762.ttf
www.secure-bluebird.com/static/media/ 0
0 9ms
8ms Font
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-500.9b645762.ttf
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash

Request headers

Referer: https://www.secure-bluebird.com/index_files/main.b5198c8d.chunk.css
Origin: https://www.secure-bluebird.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 21:47:01 GMT
Server: nginx
ETag: W/"598-5d13f54eed0af"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 recaptcha__ru.js Show response
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ 380 KB
139 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__ru.js

Requested by

Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/api.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59d8f4b25b32c07d4a42a0b568cd7ea715878dcd3251de27cb9502aee2bc787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secure-bluebird.com/
Origin: https://www.secure-bluebird.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141119
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 21:26:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 17 Nov 2022 16:13:39 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 373 B
1 KB 133ms
38ms XHR
application/json 52.208.127.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B50D40075A980C9B0A495DE1%40AdobeOrg&d_nsid=0&ts=1637447691272

Requested by

Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/launch-44ba98fb83ed.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.127.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-127-56.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d46474961b959043363b8fc55a35f11fda04b95b78a18b714360903c0d517d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.secure-bluebird.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v019-0ff20dc55.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: /Bl77fxtTAU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.secure-bluebird.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 312
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ 33 KB
12 KB 14ms
14ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/launch-44ba98fb83ed.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:04:01 GMT
server: AkamaiNetStorage
etag: "4635bffccc756e9a52eae8011adb9137:1629320641.842128"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.secure-bluebird.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12188
expires: Sat, 20 Nov 2021 23:34:51 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ 3 KB
2 KB 14ms
14ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/launch-44ba98fb83ed.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:04:02 GMT
server: AkamaiNetStorage
etag: "8b210658d66894c896047ae490138f1c:1629320642.068491"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.secure-bluebird.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1593
expires: Sat, 20 Nov 2021 23:34:51 GMT

GET
H/1.1 200
OK styles__ltr.css
www.secure-bluebird.com/index_files/ Frame C587 52 KB
26 KB 14ms
14ms Stylesheet
text/css 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/styles__ltr.css
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/anchor.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/index_files/anchor.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:31 GMT
Server: nginx
ETag: W/"619977bb-ce83"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK recaptcha__ru.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Show response
www.secure-bluebird.com/index_files/ Frame C587 380 KB
138 KB 22ms
22ms Script
application/javascript 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/recaptcha__ru.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/anchor.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: d59d8f4b25b32c07d4a42a0b568cd7ea715878dcd3251de27cb9502aee2bc787

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/index_files/anchor.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Nov 2021 22:33:39 GMT
Server: nginx
ETag: "5ee48-5d13ffbb4cf50-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame AB3E 7 KB
1 KB 21ms
20ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeD5cUZAAAAAHHoJkOMsfV0aW3sfJBygFvSYqE4&co=aHR0cHM6Ly93d3cuc2VjdXJlLWJsdWViaXJkLmNvbTo0NDM.&hl=ru&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=5askfv6q2kdy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__ru.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6c734364d8757534cc2f90cd9c3312f9bfd23279456b674ea7cdebecc6b749fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GuCL/m+jYpoPKGRyzDN8ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-security-policy: script-src 'report-sample' 'nonce-GuCL/m+jYpoPKGRyzDN8ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Sat, 20 Nov 2021 22:34:51 GMT
expires: Sat, 20 Nov 2021 22:34:51 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1043
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK saved_resource(2).html Show response
www.secure-bluebird.com/index_files/ Frame 1189 149 B
453 B 7ms
7ms Document
text/html 194.32.77.243
MVPS www.mvps.net

General

Check archive.org

Show headers Download Go to

Full URL: https://www.secure-bluebird.com/index_files/saved_resource(2).html
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/anchor.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.32.77.243 Frankfurt am Main, Germany, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS: no-reverse-yet.local
Software: nginx /
Resource Hash: 97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/index_files/anchor.html

Response headers

Server: nginx
Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Type: text/html
Content-Length: 149
Last-Modified: Sat, 20 Nov 2021 22:33:29 GMT
Connection: keep-alive
ETag: "619977b9-95"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 200
OK dest5.html Show response
incommholdings.demdex.net/ Frame 8AB1 7 KB
3 KB 128ms
30ms Document
text/html 52.208.127.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://incommholdings.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/launch-44ba98fb83ed.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.127.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-127-56.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 20 Nov 2021 22:34:51 GMT
DCS: dcs-prod-irl1-1-v019-050944740.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 14 Oct 2021 10:46:55 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: CGF5B6jRRTQ=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YZl4CwAAAL2JugQE
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=39912129146877572931063879265252898452
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZl4CwAAAL2JugQE

42 B
945 B

33ms
33ms

Image
image/gif

52.208.127.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZl4CwAAAL2JugQE

Requested by

Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/

Protocol

HTTP/1.1

Server

52.208.127.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-127-56.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-03035d387.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ox3oTR7jRL8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZl4CwAAAL2JugQE
Date: Sat, 20 Nov 2021 22:34:51 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ Frame AB3E 52 KB
52 KB 23ms
8ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeD5cUZAAAAAHHoJkOMsfV0aW3sfJBygFvSYqE4&co=aHR0cHM6Ly93d3cuc2VjdXJlLWJsdWViaXJkLmNvbTo0NDM.&hl=ru&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=5askfv6q2kdy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 16:04:07 GMT
x-content-type-options: nosniff
age: 196244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52867
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 21:26:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 18 Nov 2022 16:04:07 GMT

GET
H3 200 recaptcha__ru.js Show response
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ Frame AB3E 380 KB
138 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__ru.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59d8f4b25b32c07d4a42a0b568cd7ea715878dcd3251de27cb9502aee2bc787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141119
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 21:26:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 17 Nov 2022 16:13:39 GMT

GET
H2 200 RC11f4ee945990461fb910c94f9466491b-source.min.js Show response
assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/f6af90713f1b/ 3 KB
2 KB 14ms
13ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/f6af90713f1b/RC11f4ee945990461fb910c94f9466491b-source.min.js
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/launch-44ba98fb83ed.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a1ee642a0aa5c7955dc4a3cb4acdd87b1cf59d7ea5e7e67598cde060b2935216

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: gzip
last-modified: Wed, 10 Nov 2021 17:58:05 GMT
server: AkamaiNetStorage
etag: "f84d9702b0bfbc8dd5f3bb64e3eb1439:1636567085.38165"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.secure-bluebird.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1304
expires: Sat, 20 Nov 2021 23:34:51 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 63 KB
17 KB 81ms
18ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 938c77a89e7d38efbff80ca2324b5191f90c6d790c247e0aabaae93bd62a7763

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 20:19:58 GMT
server: AkamaiNetStorage
etag: "bb570c03cfa8a9909bf9644a3e5f5d80:1635279598.00544"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16600
expires: Mon, 22 Nov 2021 22:34:51 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
459 B 86ms
24ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/5229/ 79 KB
4 KB 91ms
29ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5229/snthemes.js
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cfc3ce3e5d9b88e1df297b78fe5588249dd37d4ba72a57c1577b75fe2e12c746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 14:56:01 GMT
server: AkamaiNetStorage
etag: "0e121e88666f40ac47ac103c92650beb:1630508161.617541"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3276
expires: Mon, 22 Nov 2021 22:34:51 GMT

GET
H2 404 settings.js
c.evidon.com/sitenotice/5229/secure-bluebird/ 0
0 474ms
412ms Script
text/plain 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5229/secure-bluebird/settings.js
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:52 GMT
server: AkamaiNetStorage
vary: Origin
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 10
expires: Mon, 22 Nov 2021 22:34:52 GMT

GET
H2 200 RCefe086ec6091434f8534c7296df11b9f-source.min.js Show response
assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/f6af90713f1b/ 891 B
731 B 14ms
14ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/f6af90713f1b/RCefe086ec6091434f8534c7296df11b9f-source.min.js
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/launch-44ba98fb83ed.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e4f83834a898ed1d9986a9b617045b57bfdf3e6e8733836c528569fd9b8fa49b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: gzip
last-modified: Wed, 10 Nov 2021 17:58:05 GMT
server: AkamaiNetStorage
etag: "f84d9702b0bfbc8dd5f3bb64e3eb1439:1636567085.38165"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.secure-bluebird.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 459
expires: Sat, 20 Nov 2021 23:34:51 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 57ms
8ms Script
application/x-javascript 2600:9000:2156:a000:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a000:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:02:06 GMT
content-encoding: gzip
last-modified: Sat, 20 Nov 2021 22:01:56 GMT
server: Jetty(9.3.29.v20201019)
age: 1965
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: d3xfl4nLPyf59-Fe_4zf8MLz4WIQUoa5ljVZ1KABdgUsdSHI2mt8mg==
expires: Sat, 20 Nov 2021 23:02:06 GMT

GET
H/1.1 200
OK ca.html Show response
20833175p.rfihub.com/ Frame B164 3 KB
4 KB 133ms
21ms Document
text/html 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20833175p.rfihub.com/ca.html?ver=9&rb=44097&ca=20833175&_o=44097&_t=20833175&pe=https%3A%2F%2Fwww.secure-bluebird.com%2F&pf=&ra=18264176434746338
Requested by: Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/tc.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 822a5b162e00b6ef60ffe08a14b38ad7ccfaaf49421fef66a5703c75f115ee6f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2796
Server: Jetty(9.3.29.v20201019)

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
50 KB 59ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-350469249

Requested by

Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9f74a1067b50860b7a8a8beede9d15db889f5e14e17f14fca2f220d427f452f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50869
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 20 Nov 2021 22:34:51 GMT

GET
H2 200 s57564233386511
incommholdingsbluebirdprod.112.2o7.net/b/ss/incommholdingsbluebirdprod/1/JS-2.22.1-LBWB/ 43 B
394 B 85ms
18ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://incommholdingsbluebirdprod.112.2o7.net/b/ss/incommholdingsbluebirdprod/1/JS-2.22.1-LBWB/s57564233386511?AQB=1&ndh=1&pf=1&t=20%2F10%2F2021%2022%3A34%3A51%206%200&mid=40013750810094927141019985181828485011&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fwww.secure-bluebird.com%2F&c.&apl=4.0&inList=3.0&getPreviousValue=3.0&.c&cc=USD&server=www.secure-bluebird.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v38=https%3A%2F%2Fwww.secure-bluebird.com%2F&c53=prospect&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=B50D40075A980C9B0A495DE1%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
x-content-type-options: nosniff
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 21 Nov 2021 22:34:51 GMT
server: jag
xserver: anedge-6988cccb6f-b7fcc
etag: 3516392141957988352-4619747967399009137
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Fri, 19 Nov 2021 22:34:51 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/5229/translations/ 203 KB
9 KB 19ms
19ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/5229/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: eabaff2a02661c0162d52bbc76afa2e9c515804e45f0caa547d2944308434978

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 14:56:01 GMT
server: AkamaiNetStorage
etag: "6eb05a3cde88f201df66380dea417f94:1630508161.40908"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8915
expires: Mon, 22 Nov 2021 22:34:51 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 55ms
27ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.secure-bluebird.com
URL: https://www.secure-bluebird.com/index_files/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 22:34:51 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame B164
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMDM0NjM1NDY0MA==&forward=
https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMDM0NjM1NDY0MA==&forward=&google_tc=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAFGSTIJoS_xI-c4AZ4z9dw&google_cver=1

42 B
1 KB

65ms
18ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAFGSTIJoS_xI-c4AZ4z9dw&google_cver=1
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 20 Nov 2021 22:34:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAFGSTIJoS_xI-c4AZ4z9dw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame B164
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5124322320346354640
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322320346354640

43 B
1 KB

13ms
13ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322320346354640

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Nov 2021 22:34:51 GMT
X-Proxy-Origin: 185.232.23.179; 185.232.23.179; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 95cf17bc-07fe-4adb-976e-78969638093c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Nov 2021 22:34:51 GMT
X-Proxy-Origin: 185.232.23.179; 185.232.23.179; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3a8f7748-770d-4855-8ec3-821a4920c3b4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322320346354640
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame B164
Redirect Chain

https://stags.bluekai.com/site/4722?id=5124322320346354640&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

42 B
1 KB

16ms
16ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:52 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Date: Sat, 20 Nov 2021 22:34:51 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame B164 0
239 B 30ms
8ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5124322320346354640&
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H/1.1 200
OK ibs:dpid=1121&dpuuid=5124322320346354640&redir=
dpm.demdex.net/ Frame B164 42 B
945 B 35ms
34ms Image
image/gif 52.208.127.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322320346354640&redir=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.127.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-127-56.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0550d3c00.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xu1jvVhWTm8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame B164
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5124322320346354640&bid=omt9pi0

0
344 B

41ms
7ms

Image
text/plain

18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5124322320346354640&bid=omt9pi0
Protocol: HTTP/1.1
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5124322320346354640&bid=omt9pi0
Date: Sat, 20 Nov 2021 22:34:51 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame B164 45 B
614 B 119ms
77ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5124322320346354640

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Sat, 20 Nov 2021 22:34:51 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sat, 20 Nov 2021 22:34:51 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame B164 0
105 B 45ms
7ms Image
text/plain 52.59.21.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.21.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-21-149.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame B164
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322320346354640&referrer=https%3A%2F%2Fwww.secure-bluebird.com%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=12f763da-1ebf-4f0e-8eba-31d574bc7475%3A1637447691.89&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D12f763da-1ebf-4f0e-8eba-31d574bc7475...
https://idsync.rlcdn.com/501709.gif?partner_uid=12f763da-1ebf-4f0e-8eba-31d574bc7475%3A1637447691.89
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ5AeOlr0WuxJIE1FAYnSII&google_cver=1

42 B
300 B

21ms
21ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ5AeOlr0WuxJIE1FAYnSII&google_cver=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 22:34:52 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 20 Nov 2021 22:34:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ5AeOlr0WuxJIE1FAYnSII&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame B164 43 B
109 B 369ms
147ms Image
image/gif 3.229.229.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5124322320346354640
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.229.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-229-140.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:52 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B164
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322320346354640&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322320346354640&forward=&C=1

43 B
1006 B

96ms
96ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322320346354640&forward=&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Nov 2021 22:34:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 20 Nov 2021 22:34:51 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Nov 2021 22:34:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322320346354640&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Sat, 20 Nov 2021 22:34:51 GMT

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame B164 42 B
417 B 50ms
21ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5124322320346354640
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 22:34:51 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame B164 43 B
191 B 253ms
200ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5124322320346354640

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 22:34:52 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 20 Nov 2021 22:34:52 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame B164
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322320346354640&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322320346354640&img=1&__user_check__=1&sync_id=13a40adc-4a52-11ec-b340-1708f5200406

43 B
548 B

18ms
18ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322320346354640&img=1&__user_check__=1&sync_id=13a40adc-4a52-11ec-b340-1708f5200406
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 74
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=5124322320346354640&img=1&__user_check__=1&sync_id=13a40adc-4a52-11ec-b340-1708f5200406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 84
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame B164 43 B
183 B 306ms
99ms Image
image/gif 2600:1f18:612b:4264:d436:a7a1:a7a:c65e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5124322320346354640&r=rmcGa-UR6H7C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:d436:a7a1:a7a:c65e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:52 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame B164 43 B
238 B 36ms
7ms Image
image/gif 35.156.119.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5124322320346354640
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.119.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-119-137.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 22:34:51 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame B164 0
338 B 103ms
29ms Image
text/plain 52.17.218.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5124322320346354640
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.218.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-218-77.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 22:34:51 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1637447691
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame B164
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322320346354640&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322320346354640&expires=30

43 B
495 B

9ms
9ms

Image
image/gif

18.195.106.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322320346354640&expires=30
Protocol: HTTP/1.1
Server: 18.195.106.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322320346354640&expires=30
Date: Sat, 20 Nov 2021 22:34:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame B164
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://p.rfihub.com/cm?in=1&pub=21653&userid=YZl4CwAAAL2JugQE

42 B
1 KB

18ms
17ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YZl4CwAAAL2JugQE
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20833175p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 22:34:51 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 20 Nov 2021 22:34:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637447692.940813,VS0,VE0
x-served-by: cache-hhn4051-HHN
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YZl4CwAAAL2JugQE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/350469249/ 2 KB
2 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/350469249/?random=1637447691766&cv=9&fst=1637447691766&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.secure-bluebird.com%2F&tiba=Login%20-%20Bluebird&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

787bf2d24ffe327490dc5b57ad5f0a0b45cd3a2a8cab32c1ad43b1e19ef47b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 22:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/350469249/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/350469249/?random=1637447691766&cv=9&fst=1637445600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.secure-bluebird.com%2F&tiba=Login%20-%20Bluebird&async=1&fmt=3&is_vtc=1&random=3418893081&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 22:34:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/350469249/ 42 B
548 B 39ms
17ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/350469249/?random=1637447691766&cv=9&fst=1637445600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.secure-bluebird.com%2F&tiba=Login%20-%20Bluebird&async=1&fmt=3&is_vtc=1&random=3418893081&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.secure-bluebird.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 22:34:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.secure-bluebird.com/	1970-01-19 22:52:14	Name: servequeryparameters Value:
.demdex.net/	1970-01-20 03:09:59	Name: demdex Value: 39912129146877572931063879265252898452
.secure-bluebird.com/	1969-12-31 23:59:59	Name: AMCVS_B50D40075A980C9B0A495DE1%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 07:36:23	Name: everest_g_v2 Value: g_surferid~YZl4CwAAAL2JugQE
.dpm.demdex.net/	1970-01-20 03:09:59	Name: dpm Value: 39912129146877572931063879265252898452
.secure-bluebird.com/	1970-01-20 16:21:59	Name: AMCV_B50D40075A980C9B0A495DE1%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18952%7CMCMID%7C40013750810094927141019985181828485011%7CMCAAMLH-1638052491%7C6%7CMCAAMB-1638052491%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1637454891s%7CNONE%7CMCSYNCSOP%7C411-18959%7CvVersion%7C5.2.0
.secure-bluebird.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.secure-bluebird.com/	1970-01-20 01:00:23	Name: _gcl_au Value: 1.1.1565585806.1637447692
.rfihub.com/	1970-01-20 08:12:23	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MjE2MjI2MjA2MTM2NTEzMRDiM9QtTbEIzfE290w0KTGX4jU0MzY3MTE3szQ0NzYHALiM-WY0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MjE2MjI2MjA2MTM2NTEzMRDiM9QtTbEIzfE290w0KTEHAILwbgAlAAAA
.adnxs.com/	1970-01-20 01:00:23	Name: uuid2 Value: 5629374975621637975
.adnxs.com/	1970-01-20 01:00:23	Name: anj Value: dTM7k!M4/YErk#WF']wIg2C''d@MDQ!]tbPl1MNu::wpAk`W=me:[2Tk_>pae9Cqee9C1gXdq]Y-bAA_!2>h9/+0J2!'.[YCR>).
.doubleclick.net/	1970-01-20 08:12:23	Name: IDE Value: AHWqTUlJLufD8BaUbLPzYxvClYYjoO-u5uvc0fYIIQpfToYd0Kl_gUOScRaVvylmgE0
.eyeota.net/	1970-01-19 22:50:48	Name: SERVERID Value: 20961~DM
.media.net/	1970-01-20 07:36:23	Name: visitor-id Value: 2804492919537963000V10
.media.net/	1970-01-20 07:34:57	Name: data-rk Value: 5124322320346354640~~3
.casalemedia.com/	1970-01-20 07:36:23	Name: CMID Value: YZl4C5iu.dneI06DERHTtwAA
.casalemedia.com/	1970-01-20 01:00:23	Name: CMPS Value: 5206
.spotxchange.com/	1970-01-20 07:36:27	Name: audience Value: 13a40aa4-4a52-11ec-b340-1708f5200406
.bidswitch.net/	1970-01-20 07:36:23	Name: tuuid Value: 47313a1e-1348-4bdf-a0fe-d8e4fed78b74
.bidswitch.net/	1970-01-20 07:36:23	Name: c Value: 1637447691
.bidswitch.net/	1970-01-20 07:36:23	Name: tuuid_lu Value: 1637447691
.rfihub.com/	1970-01-20 08:12:23	Name: smd Value: H4sIAAAAAAAAADPiNTQzNjcxMTezNLQ0NQEA9G5wnw8AAAA
.rezync.com/	1970-01-20 03:09:30	Name: zync-uuid Value: 12f763da-1ebf-4f0e-8eba-31d574bc7475:1637447691.89
live.rezync.com/	1970-01-20 03:09:59	Name: sd-session-id Value: .eJwVikEPgiAYQP9K-84eENADW5emtbWAC6vpxRWyhYo10QuO_x7d3nt7O3Rfs7jnbOYV2LpsJgM92WQe2A7eBmdGYFDkmBKMCUaElqSgJUUQM_DGe_uZO9v_78MrnVxdnQhNaC_1yh9321qE2uE03dR7alxq4TwKpVHjOBGVzuVQYx40SoylqjdZjUeI8Qe0MDDE.FHsJiw.3GdDyXvevDfCW7LPqdQaYIVvulU
.casalemedia.com/	1970-01-20 01:00:23	Name: CMPRO Value: 1114
.casalemedia.com/	1970-01-19 22:52:14	Name: CMST Value: YZl4C2GZeAsA
.casalemedia.com/	1970-01-20 07:36:23	Name: CMRUM3 Value: 396199780b27605124322320346354640
.krxd.net/	1970-01-20 03:09:59	Name: _kuid_ Value: Ofm8UwTI
.rlcdn.com/	1970-01-20 07:36:23	Name: rlas3 Value: i/v4/PVDoG4oggbaIM+O/T3SDtZzZsK9KDsrSIzm2eM=
.rlcdn.com/	1970-01-20 00:17:11	Name: pxrc Value: CIzw5YwGEgYIuuoBEAA=
.rfihub.com/	1970-01-20 08:12:23	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA12dXRzDw7x9MoPjq_w1E02cYwyqbJMKVfiVIl38o4PDfV0CeI1NDM2NzExN7M0tLA0y0JwjQyMjGcxIkmbmxiuQuOfQuO_QuP_QuNPYkLlz0LjL0Ljr0Ljb0Lj70JXz4LKv4XMtzA0W8QqEBmVY-Jc7ujo6GPkVZoe6LqKFUmJpanxJlY0K7jRvITGnyRsZGiUZm5mnJKoa5ialKZrkmaQqmuRmpSoa2yYYmpukpRsbmJuaoXQpGdhOUsY2VJzk0XCqIY-QuMDAG_q7afPAQAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12dXRzDw7x9MoPjq_w1E02cYwyqbJMKVfiVIl38o4PDfV0WcUoEBmVY-Jc7ujo6GPkVZoe6NrEYmRolGZuZpySqGuYmpSma5JmkKprkZqUqGtsmGJqbpKUbG5ibmplaGZsbmJibmZpqGdhCQCkUwLJcQAAAA

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-regular.5b8f3ba8.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-600.e49343f0.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-500.dc16a359.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-600.8c4516c5.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-regular.c14093ce.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-500.ff86872b.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-600.154211b0.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-regular.b739ab04.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.secure-bluebird.com/static/media/poppins-v15-latin-500.9b645762.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://c.evidon.com/sitenotice/5229/secure-bluebird/settings.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20833175p.rfihub.com
a.rfihub.com
aa.agkn.com
assets.adobedtm.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c.evidon.com
c1.rfihub.net
cm.everesttech.net
cm.g.doubleclick.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
incommholdings.demdex.net
incommholdingsbluebirdprod.112.2o7.net
live.rezync.com
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
ps.eyeota.net
stags.bluekai.com
sync-tm.everesttech.net
sync.search.spotxchange.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.secure-bluebird.com
x.bidswitch.net
x.dlx.addthis.com
104.111.215.191
104.111.244.187
13.36.218.177
142.250.186.98
143.204.98.33
151.101.66.49
18.184.216.10
18.195.106.43
185.33.220.145
185.94.180.125
193.0.160.129
194.32.77.243
2.18.234.21
2.18.235.93
216.58.212.162
2600:1f18:612b:4264:d436:a7a1:a7a:c65e
2600:9000:2156:a000:1:76cf:fe80:93a1
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a02:26f0:6c00:299::1e80
3.229.229.140
35.156.119.137
35.244.174.68
52.17.218.77
52.208.127.56
52.59.21.149
54.194.191.134
69.173.144.139
02eebb68d23e29b3c8b0557b6e4087f3c6b875301255fe960efb7f1ec3049111
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2
08dd3fea0cacd7dc3f816ede89b9234d6746ead0d3be4cf06ee3493f40f604d4
09a6dc4063514e71d9f7a441fe529a5acde00e622c36146aecc21cbaa20207be
139d3073d96ba2e8741c8a7247d4bc4705ad01c1fdef207043080e8288ff3298
153c4a34711595fd4d5626d337570664e0c8b5946df17574a28563ed7612eda7
166ed11ecd28aa9d58073354c5480194eb2bfaa9ead67d3fc3ca21da9acb4eac
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
363c5f667467a45d02192430f1cad5782a529d74a92acd6b3711d4007bfa52c7
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f84baa916f797921af359b333dc340ab665b913c483e1f252617eaf3b85de51
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5df96911f0f8c3aae5d4281ea958f34f51f1f32e926f1f12ba213d14917b912f
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6c734364d8757534cc2f90cd9c3312f9bfd23279456b674ea7cdebecc6b749fe
6d7a228b83852bad0e3e1e70faa1d6b7e6710b91d2406478a54a2271a63d4757
71df5d1b9ec8f5ad2f7d3ff70373775c509e88ebbab8710c16a2de354353b3a4
77e03cda4a666914edca889a658cd3ce889dc91dff0f4e7fbef66d8d42dd3c65
787bf2d24ffe327490dc5b57ad5f0a0b45cd3a2a8cab32c1ad43b1e19ef47b23
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
822a5b162e00b6ef60ffe08a14b38ad7ccfaaf49421fef66a5703c75f115ee6f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84
938c77a89e7d38efbff80ca2324b5191f90c6d790c247e0aabaae93bd62a7763
971e89223e30f7db5ce5fff50c26ac94177701cbf5df62b2a580f72d6dfa8ad8
97a17cc1a4f61bf019046b53ed7dbba0289ed3daec451dc4417f758ae0afdc38
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c6d7cfc7c456b2530513c5b7e40e6ee657cc3fea60a45ded262ebbc6e60973f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a1ee642a0aa5c7955dc4a3cb4acdd87b1cf59d7ea5e7e67598cde060b2935216
a9f74a1067b50860b7a8a8beede9d15db889f5e14e17f14fca2f220d427f452f
aeb54a5d166b2cad99916c0913421995cfb2b24a76a39a920263b17e1e15c7e7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc09aea0d52534a53b4aa787e07761565df63ba6d6010409f0da4f1622c5d719
cfc3ce3e5d9b88e1df297b78fe5588249dd37d4ba72a57c1577b75fe2e12c746
d46474961b959043363b8fc55a35f11fda04b95b78a18b714360903c0d517d5b
d59d8f4b25b32c07d4a42a0b568cd7ea715878dcd3251de27cb9502aee2bc787
d89c3dfb07867e92b19b354ae45f6597df000acd7293bf8c41a3fb4814b7c1d9
e19493be7608180b96b83602b373bb56b970ed535553321d63aa1846e235c6bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f83834a898ed1d9986a9b617045b57bfdf3e6e8733836c528569fd9b8fa49b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6515f06ad97dd59f7010f12e12bd07e3a668fadf32b06923a2bd538a0f0661b
eabaff2a02661c0162d52bbc76afa2e9c515804e45f0caa547d2944308434978
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

www.secure-bluebird.com Open in urlscan Pro 194.32.77.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

80 Requests

88 %HTTPS

26 %IPv6

30 Domains

35 Subdomains

28 IPs

5 Countries

1398 kBTransfer

3973 kBSize

33 Cookies

17 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.secure-bluebird.com Open in urlscan Pro
194.32.77.243 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

88 %
HTTPS

26 %
IPv6

30
Domains

35
Subdomains

28
IPs

5
Countries

1398 kB
Transfer

3973 kB
Size

33
Cookies

80 HTTP transactions
1 data transactions