www.1mg.com Open in urlscan Pro
2606:4700:10::6814:d632 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ltvsnl2.ltncapp01.com/vtrack?clientid=16128&ul=AlFWA1ELUlVPUUhYVFlDDx0HWRJRWkVVcVkCXAEKUgReDktWDlUdDVIKQVobVlcQWwxKAHl...
Effective URL:
https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%2...
Submission: On June 05 via api (June 5th 2024, 4:18:06 am UTC) from IN — Scanned from DE

Summary HTTP 155 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 68 IPs in 13 countries across 54 domains to perform 155 HTTP transactions. The main IP is 2606:4700:10::6814:d632, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.1mg.com. The Cisco Umbrella rank of the primary domain is 391531.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 25th 2024. Valid for: a year.

This is the only time www.1mg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.1.226.94 65.1.226.94	16509 (AMAZON-02) (AMAZON-02)
2 2	104.83.4.64 104.83.4.64	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	2606:4700:10:... 2606:4700:10::6814:d632	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:275... 2600:9000:275d:3600:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
16	2600:9000:223... 2600:9000:223f:8c00:d:a7d1:b5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.93 13.225.78.93	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100::1720:eec2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 6	2600:9000:264... 2600:9000:2644:cc00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 _) (CDN77 _)
2	2600:9000:235... 2600:9000:2359:2800:14:81fb:1e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	184.50.249.159 184.50.249.159	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.83.4.122 104.83.4.122	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:223... 2600:9000:223e:4e00:1e:6c7e:cb00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:1e71:f4c5:d8ff:ac61	16509 (AMAZON-02) (AMAZON-02)
1 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a02:2638:3::19 2a02:2638:3::19	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2 4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1	89.149.192.201 89.149.192.201	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.72.172.22 54.72.172.22	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	18.202.102.64 18.202.102.64	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.37.12.27 23.37.12.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.159.17.218 18.159.17.218	16509 (AMAZON-02) (AMAZON-02)
1	54.171.168.223 54.171.168.223	16509 (AMAZON-02) (AMAZON-02)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.57.182.118 52.57.182.118	16509 (AMAZON-02) (AMAZON-02)
1	23.37.13.101 23.37.13.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4264:551d:13a8:79ea:bf3e	14618 (AMAZON-AES) (AMAZON-AES)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	52.209.221.228 52.209.221.228	16509 (AMAZON-02) (AMAZON-02)
1	52.57.190.200 52.57.190.200	16509 (AMAZON-02) (AMAZON-02)
1 2	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
155	68

1 65.1.226.94 (Mumbai, India) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-65-1-226-94.ap-south-1.compute.amazonaws.com

ltvsnl2.ltncapp01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.83.4.64 (Vienna, Austria) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-64.deploy.static.akamaitechnologies.com

onemg.sng.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:10::6814:d632 (United States)

ASN13335 (CLOUDFLARENET, US)

www.1mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.1mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rudderapi.1mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275d:3600:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:223f:8c00:d:a7d1:b5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

onemg.gumlet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-93.fra2.r.cloudfront.net

api.rudderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6a5414336da80c268bd0ad7124248bed.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100::1720:eec2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

web-sdk-cdn.singular.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2644:cc00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2359:2800:14:81fb:1e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.notifyvisitors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.50.249.159 (Fortaleza, Brazil)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-249-159.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.132.192.30 (Singapore) 1 redirects

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.83.4.122 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-122.deploy.static.akamaitechnologies.com

sdk-api-v1.singular.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:4e00:1e:6c7e:cb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.notifyvisitors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:1e71:f4c5:d8ff:ac61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::19 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

measurement-api.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.201 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.172.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-172-22.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.102.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-102-64.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.12.27 (Fortaleza, Brazil)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-12-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.17.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-17-218.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.168.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-168-223.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.182.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-182-118.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.13.101 (Fortaleza, Brazil)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-13-101.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:551d:13a8:79ea:bf3e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.221.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-221-228.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.190.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-190-200.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	1mg.com www.1mg.com — Cisco Umbrella Rank: 391531 assets.1mg.com — Cisco Umbrella Rank: 582080 rudderapi.1mg.com — Cisco Umbrella Rank: 584338	872 KB
16	gumlet.io onemg.gumlet.io — Cisco Umbrella Rank: 512076	339 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 6a5414336da80c268bd0ad7124248bed.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 174	332 KB
9	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2422 rs.fullstory.com — Cisco Umbrella Rank: 2195	108 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 276	175 KB
7	creativecdn.com 1 redirects tags.creativecdn.com — Cisco Umbrella Rank: 6584 asia.creativecdn.com — Cisco Umbrella Rank: 25435	4 KB
7	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3795 d.adroll.com — Cisco Umbrella Rank: 1794	119 KB
6	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 499 sslwidget.criteo.com — Cisco Umbrella Rank: 2270 widget.as.criteo.com — Cisco Umbrella Rank: 46551 measurement-api.criteo.com — Cisco Umbrella Rank: 2066 dis.criteo.com — Cisco Umbrella Rank: 719	6 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3490 tr.outbrain.com — Cisco Umbrella Rank: 3358 wave.outbrain.com — Cisco Umbrella Rank: 3391 sync.outbrain.com — Cisco Umbrella Rank: 836	10 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 277	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 8139 ampcid.google.de — Cisco Umbrella Rank: 122944	554 B
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3163 ampcid.google.com — Cisco Umbrella Rank: 3313 www.google.com — Cisco Umbrella Rank: 5	813 B
4	singular.net web-sdk-cdn.singular.net — Cisco Umbrella Rank: 19055 sdk-api-v1.singular.net — Cisco Umbrella Rank: 5064	48 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65 region1.google-analytics.com — Cisco Umbrella Rank: 2406	21 KB
3	adform.net 1 redirects cm.adform.net — Cisco Umbrella Rank: 1329 c1.adform.net — Cisco Umbrella Rank: 648	1 KB
3	notifyvisitors.com www.notifyvisitors.com — Cisco Umbrella Rank: 153005 cdn.notifyvisitors.com — Cisco Umbrella Rank: 160835	21 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	14 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 250	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 2067	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 523	721 B
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 534 ajax.googleapis.com — Cisco Umbrella Rank: 461	169 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 12418	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	227 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	3 KB
2	rudderstack.com api.rudderstack.com — Cisco Umbrella Rank: 11112	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	70 KB
2	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 11731	39 KB
2	sng.link 2 redirects onemg.sng.link	724 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2231	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3144	38 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 48776	153 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 448	140 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2905	399 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 3109	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 550	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 421	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 902	225 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1232	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1715	883 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 753	813 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 13447	274 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 769	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 573	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 792	342 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1298	378 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1800	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 723	163 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 389	235 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 324	30 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 748	16 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1009	7 KB
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 11465	8 KB
1	ltncapp01.com 1 redirects ltvsnl2.ltncapp01.com	366 B
0	tatadigital.com Failed accounts.tatadigital.com Failed
155	54

	Domain	Requested by
16	onemg.gumlet.io	www.1mg.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.1mg.com pagead2.googlesyndication.com
8	assets.1mg.com	www.1mg.com
7	www.1mg.com	www.1mg.com assets.1mg.com static.cloudflareinsights.com
6	asia.creativecdn.com	1 redirects www.1mg.com tags.creativecdn.com
6	s.adroll.com	1 redirects www.googletagmanager.com www.1mg.com s.adroll.com
6	edge.fullstory.com	cdn.rudderlabs.com edge.fullstory.com rs.fullstory.com
5	rudderapi.1mg.com	cdn.rudderlabs.com
4	ib.adnxs.com	2 redirects www.1mg.com
4	securepubads.g.doubleclick.net	assets.1mg.com securepubads.g.doubleclick.net imasdk.googleapis.com
3	rs.fullstory.com	edge.fullstory.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	www.google.de	www.1mg.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	www.1mg.com bat.bing.com
2	c1.adform.net	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	sync.1rx.io	2 redirects
2	tr.outbrain.com	amplify.outbrain.com
2	www.google.com	www.1mg.com
2	sdk-api-v1.singular.net	web-sdk-cdn.singular.net
2	gum.criteo.com	1 redirects static.criteo.net
2	www.notifyvisitors.com	www.1mg.com cdn.notifyvisitors.com
2	web-sdk-cdn.singular.net	www.googletagmanager.com web-sdk-cdn.singular.net
2	a.mgid.com	www.1mg.com
2	www.googletagmanager.com	www.1mg.com www.googletagmanager.com
2	www.facebook.com	www.1mg.com
2	api.rudderstack.com	cdn.rudderlabs.com
2	connect.facebook.net	www.1mg.com connect.facebook.net
2	cdn.rudderlabs.com	www.1mg.com cdn.rudderlabs.com
2	onemg.sng.link	2 redirects
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	a.twiago.com
1	eb2.3lift.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	sync.targeting.unrulymedia.com
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	dis.criteo.com
1	x.bidswitch.net
1	cm.g.doubleclick.net
1	ajax.googleapis.com	cdn.notifyvisitors.com
1	measurement-api.criteo.com	cdn.rudderlabs.com
1	wave.outbrain.com	amplify.outbrain.com
1	widget.as.criteo.com	www.1mg.com
1	sslwidget.criteo.com	1 redirects
1	d.adroll.com	s.adroll.com
1	cdn.notifyvisitors.com	www.notifyvisitors.com
1	ampcid.google.de	www.google-analytics.com
1	www.googletagservices.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	amplify.outbrain.com	www.1mg.com
1	static.criteo.net	www.googletagmanager.com
1	imasdk.googleapis.com	www.googletagmanager.com
1	tags.creativecdn.com	www.googletagmanager.com
1	6a5414336da80c268bd0ad7124248bed.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.cloudflareinsights.com	www.1mg.com
1	cdn.ravenjs.com	www.1mg.com
1	ltvsnl2.ltncapp01.com	1 redirects
0	accounts.tatadigital.com Failed	www.1mg.com
155	78

This site contains links to these domains. Also see Links.

Domain
pagead2.googlesyndication.com
sellonline.tataaia.com

Subject Issuer	Validity	Valid
*.1mg.com Go Daddy Secure Certificate Authority - G2	`2024-04-25` - `2025-04-25`	a year	crt.sh
*.rudderlabs.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-14` - `2024-06-12`	3 months	crt.sh
*.gumlet.io Amazon RSA 2048 M03	`2023-09-27` - `2024-10-26`	a year	crt.sh
*.rudderstack.com Amazon RSA 2048 M03	`2023-10-24` - `2024-11-19`	a year	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-05-03` - `2024-08-01`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
mgid.com E1	`2024-05-09` - `2024-08-07`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.singular.net DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
1589314308.rsc.cdn77.org R3	`2024-05-29` - `2024-08-27`	3 months	crt.sh
notifyvisitors.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-25` - `2024-07-19`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.google.de WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-15` - `2024-07-10`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-05-02` - `2024-07-31`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-15` - `2024-08-07`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
itm.ivitrack.com R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
teads.tv R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Frame ID: 61178532285D8CD79B545DBA64F68FE0
Requests: 104 HTTP requests in this frame

Frame: https://6a5414336da80c268bd0ad7124248bed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B368EBA3997A703F7A997E6B9EE2CCEB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuCyygn6HjDIWyPcJGS8QNB1jRU6yqmCTSPjkLewYWVJW_5tIAp3Ahb32xJGG_F3xWUc1I5tBVBt4SKfuZfeikuW1tH1Ef0m17K6w2Mh1RzNRnGf86Cjr8Yo9Ga8nS33Pz_J79C9un03k0v_gdVVAlbQ8iz4BhUh2Fbfm5ErKKvVw0RZtjnsa8EOqbY9ESJv9gi8JZ5ndtAmGaRMSZl1zu34Xq-EuP-1K9_eUa-zqYwBJAhQGiFjB_h5zqtRxdqZgJNLXmmR1Cy_gnxk3wR2tGZj4gzZ2Fauv5iHdG8gL_JmVmkh8hIO9r61PZUHfMzp57sNQhs_yWPRbBhELp8xCmIAphcW1r4Cp61HxAtuhcN9B6VY2R9xagW&sig=Cg0ArKJSzKxTaXNuuI4HEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E5E58B30E5D6A8E8AAC4A9FC0AE2C3B0
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.1mg.com&origin=onetag
Frame ID: 4E7C32BDF29C00FE8BBFD2A96823C7D2
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/ig-membership?ntk=wIrhrfLtP1P6tooDxw_ZvCN3wNF278cBg_q8UqJMqCXpLoZx0KNk8L8WXWcDUOYv7-6vdHLCU8QCn4rksPzcoWcoebYdbqd2T_q76E5VH_c
Frame ID: 378B5ED77297F450431611121D42C86F
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/topics-membership?ntk=XO60xwt55n_WcjicvjUSHmfN7JzwYJn8HtIvIEnJ9NPafZVfTZutPSih_iH0n4V5IBelMRH6bwSuuFxQxE97_A57a5cGgjowvSwRJjb9yRY
Frame ID: 378C1F7566EE914FDBEFA2AEF013728D
Requests: 1 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Frame ID: 4E99C66E7FE07E0743C23E7DE50072B8
Requests: 2 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ZKOINCjMt43DTq9-K6gvGUoezknEK3HEaWnuWA&google_cm&google_hm=ay1aS09JTkNqTXQ0M0RUcTktSzZndkdVb2V6a25FSzNIRWFXbnVXQQ
Frame ID: B576A83E62782CFDEE15689AA616ECDC
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CFE82F08F92D3E866142993B9DF1960C
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: DC8CAE81356AF09EF10E3C895DD5301D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Pharmacy India | Buy Medicines from India's Trusted Medicine Store: 1mg.com

Page URL History Show full URLs

https://ltvsnl2.ltncapp01.com/vtrack?clientid=16128&ul=AlFWA1ELUlVPUUhYVFlDDx0HWRJRWkVVcVkCXAEKUgReDktWDlU... HTTP 302
https://onemg.sng.link/Axji9/d2oo?_ios_dl=onemg%3A%2F%2Fwww.1mg.com%2Fhome%3Futm_source%3Demailer_N... HTTP 302
https://onemg.sng.link/ch/Axji9/d2oo?_ios_dl=onemg%3A%2F%2Fwww.1mg.com%2Fhome%3Futm_source%3Demaile... HTTP 302
https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campa... Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

155
Requests

93 %
HTTPS

48 %
IPv6

54
Domains

78
Subdomains

68
IPs

13
Countries

2654 kB
Transfer

8879 kB
Size

87
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://pagead2.googlesyndication.com/pcs/click?xai=AKAOjsutD3UJTZ0NjysyXE4Mpyc4CJNQDtfZAV8Ijj6fB4IyWtgQFXeMOgXFDdOp2FC40RS2xUAh4Mj2F5BoKviUgsR5sgZ8H0RYhIGgSzfc4faWqMnkpAin28Dwffvuexk3DhGaRznPWhb6Y0j9a9rFx6mMvnWHjEv4jYbTNFT5cR_jmsn6YHmwtEyXOUoE7441jQO4hUIJgEpdwPuMOwZzc5kFm8JOjDBcNypzb1YBnKjQS2qsa4UZWKTkUXA8nGFdF53YKKZDU6q0QteMIUNUmSTvXVM-O_C-4-ZPNY4p_rFc0OV9-YchUouu4_XVHTRRg8gzNY5HZNxJnhgVC1XLRfGmym86B3kFB2z6nUqdwbSfjx0jxcmPFuMMgXo&sig=Cg0ArKJSzKipdKZDVwog&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://www.1mg.com/categories/personal-care/skin-care/cetaphil-skin-care-524
Title: Order Now

Search URL Search Domain Scan URL

URL: https://sellonline.tataaia.com/wps/PA_TATAAIA_SO/CampaignRedirection?campaign=BO&product=331&camcode=1899&utm_source=1mg&utm_medium=referral&utm_campaign=1mg_banner_campaign&utm_adgroup=srs&utm_content=home_page&utmcode=&cid=1mg:referral:1mg_banner_campaign:srs:home_page::1899

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ltvsnl2.ltncapp01.com/vtrack?clientid=16128&ul=AlFWA1ELUlVPUUhYVFlDDx0HWRJRWkVVcVkCXAEKUgReDktWDlUdDVIKQVobVlcQWwxKAHlcVF1SWQNUDAgeBl8IGQ==&ml=AVNTDFkIUVJPUUgHBAUFWwEf&sl=chkmSTRrHTB+NUhaQURFDV9RFg1NW1RVQUBRBEwAXwhMVQ==&pp=0&fl=WBERRRICTkxcD1FbUhxFDVRNVAhXXhh1SVoIDE0HAgpf&ext=X2lvc19kbD1vbmVtZyUzQSUyRiUyRnd3dy4xbWcuY29tJTJGaG9tZSUzRnV0bV9zb3VyY2UlM0RlbWFpbGVyX05DJTI2dXRtX21lZGl1bSUzRGVtYWlsZXJfTkMlMjZ1dG1fY2FtcGFpZ24lM0Rob21lX3BhZ2VfbXdlYiZfYW5kcm9pZF9kbD1vbmVtZyUzQSUyRiUyRnd3dy4xbWcuY29tJTJGaG9tZSUzRnV0bV9zb3VyY2UlM0RlbWFpbGVyX05DJTI2dXRtX21lZGl1bSUzRGVtYWlsZXJfTkMlMjZ1dG1fY2FtcGFpZ24lM0Rob21lX3BhZ2VfYW5kcm9pZCZfc210eXBlPTM= HTTP 302
https://onemg.sng.link/Axji9/d2oo?_ios_dl=onemg%3A%2F%2Fwww.1mg.com%2Fhome%3Futm_source%3Demailer_NC%26utm_medium%3Demailer_NC%26utm_campaign%3Dhome_page_mweb&_android_dl=onemg%3A%2F%2Fwww.1mg.com%2Fhome%3Futm_source%3Demailer_NC%26utm_medium%3Demailer_NC%26utm_campaign%3Dhome_page_android&_smtype=3&__sta=vhg.fjswogogoxsbhkqsz.unfsj%7CIFFQBYYI&__stm_medium=email&__stm_source=smartech HTTP 302
https://onemg.sng.link/ch/Axji9/d2oo?_ios_dl=onemg%3A%2F%2Fwww.1mg.com%2Fhome%3Futm_source%3Demailer_NC%26utm_medium%3Demailer_NC%26utm_campaign%3Dhome_page_mweb&_android_dl=onemg%3A%2F%2Fwww.1mg.com%2Fhome%3Futm_source%3Demailer_NC%26utm_medium%3Demailer_NC%26utm_campaign%3Dhome_page_android&_smtype=3&__sta=vhg.fjswogogoxsbhkqsz.unfsj%7CIFFQBYYI&__stm_medium=email&__stm_source=smartech HTTP 302
https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://asia.creativecdn.com/tags/v2?type=json HTTP 307
https://asia.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 74

https://s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 92

https://sslwidget.criteo.com/event?a=51601&v=5.24.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=N6k4kV81Y3g0Z3VMb3ZRcjVZUkg2QzNmN1Z4MEpLaEVaZDBZRHA2MyUyRm14M091WUVkWHFBRmVnaENGMWRmRXBQb254Yll6RGRjQ0FlYkU2dU1LMUVEU2ZidFJNU0hjN2liOGU5TUVzNEgyc3VPaXBBYTRQamp1ZWJNelQ4NlA0OSUyQjA4Z2FZUkFITCUyQlVqRkV5MWM1RXVpS1pFdVElM0QlM0Q&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252F%253Freferrer%253Dsingular_click_id%25253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%2526utm_campaign%253Dhome_page_dweb%252520%2526utm_medium%253Demailer_NC%2526utm_source%253Demailer_NC&ceid=85dfec3a-83fe-42e0-b32e-2389da6c0840&dtycbr=59306 HTTP 302
https://widget.as.criteo.com/event?a=51601&v=5.24.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=N6k4kV81Y3g0Z3VMb3ZRcjVZUkg2QzNmN1Z4MEpLaEVaZDBZRHA2MyUyRm14M091WUVkWHFBRmVnaENGMWRmRXBQb254Yll6RGRjQ0FlYkU2dU1LMUVEU2ZidFJNU0hjN2liOGU5TUVzNEgyc3VPaXBBYTRQamp1ZWJNelQ4NlA0OSUyQjA4Z2FZUkFITCUyQlVqRkV5MWM1RXVpS1pFdVElM0QlM0Q&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252F%253Freferrer%253Dsingular_click_id%25253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%2526utm_campaign%253Dhome_page_dweb%252520%2526utm_medium%253Demailer_NC%2526utm_source%253Demailer_NC&ceid=85dfec3a-83fe-42e0-b32e-2389da6c0840&dtycbr=59306

Request Chain 113

https://ib.adnxs.com/setuid?entity=315&code=o6Nods45d3Di3CFX6rrHYlgIeZhzM553fIEutWuiHfg HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3Do6Nods45d3Di3CFX6rrHYlgIeZhzM553fIEutWuiHfg

Request Chain 118

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3941302050542172321

Request Chain 121

https://sync.1rx.io/usersync/criteodsp/k-HlgfNCjMt43DTq9-K6gvGUoezkknqIR3Zh4J4w HTTP 302
https://sync.1rx.io/usersync/criteodsp/k-HlgfNCjMt43DTq9-K6gvGUoezkknqIR3Zh4J4w?zcc=1&cb=1717561082963 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-59d30fa0-8074-4caf-98a5-5a7b5c2e85d0-003

Request Chain 124

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-tloQnijMt43DTq9-K6gvGUoezkllhlyVL75OGw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-tloQnijMt43DTq9-K6gvGUoezkllhlyVL75OGw&C=1

Request Chain 125

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=m9XJpVCBHsomUoNef0hXqsMLqxC7R1LF HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=m9XJpVCBHsomUoNef0hXqsMLqxC7R1LF

Request Chain 142

https://c1.adform.net/serving/cookie/match?party=10015&cid=k-FX7ncyjMt43DTq9-K6gvGUoezkm8i4grrmvNdQ HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-FX7ncyjMt43DTq9-K6gvGUoezkm8i4grrmvNdQ

155 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.1mg.com/
Redirect Chain

https://ltvsnl2.ltncapp01.com/vtrack?clientid=16128&ul=AlFWA1ELUlVPUUhYVFlDDx0HWRJRWkVVcVkCXAEKUgReDktWDlUdDVIKQVobVlcQWwxKAHlcVF1SWQNUDAgeBl8IGQ==&ml=AVNTDFkIUVJPUUgHBAUFWwEf&sl=chkmSTRrHTB+NUhaQU...
https://onemg.sng.link/Axji9/d2oo?_ios_dl=onemg%3A%2F%2Fwww.1mg.com%2Fhome%3Futm_source%3Demailer_NC%26utm_medium%3Demailer_NC%26utm_campaign%3Dhome_page_mweb&_android_dl=onemg%3A%2F%2Fwww.1mg.com%...
https://onemg.sng.link/ch/Axji9/d2oo?_ios_dl=onemg%3A%2F%2Fwww.1mg.com%2Fhome%3Futm_source%3Demailer_NC%26utm_medium%3Demailer_NC%26utm_campaign%3Dhome_page_mweb&_android_dl=onemg%3A%2F%2Fwww.1mg.c...
https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

610 KB
103 KB

665ms
623ms

Document
text/html

2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642f7f1afc83ff364ec3ea2e2a97be46af8507ed361b0f719ef168c89c1f21c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-expose-headers: TMP_HKP_USER_ID
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 88ed5b209a2d4d32-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 05 Jun 2024 04:17:58 GMT
pragma: public
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
visitor-id: 5cdca219-f09b-4c4e-8ebe-a037c07f13ec_SiAu1KLe3e_1167_1717561078248
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-visitor-id: 5cdca219-f09b-4c4e-8ebe-a037c07f13ec_SiAu1KLe3e_1167_1717561078248
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 179
content-type: text/html; charset=utf-8
date: Wed, 05 Jun 2024 04:17:57 GMT
expires: Wed, 05 Jun 2024 04:17:57 GMT
location: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb &utm_medium=emailer_NC&utm_source=emailer_NC
pragma: no-cache
vary: Accept-Encoding

GET
H2 200 ClearSans-Regular.woff2
assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ 44 KB
44 KB 64ms
33ms Font
application/octet-stream 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ClearSans-Regular.woff2
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 602358d68544ed2d54986ebd6ae716461cd6d68433e99f2e1ca63d2a284034c3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Origin: https://www.1mg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:58 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: NHB3QMQB3Q24ED0A
age: 82322
x-amz-server-side-encryption: AES256
x-amz-id-2: OCble/uZ1PomV99jLggq2Rhq3cDqNXee2tPILQlsnv/8I5+csRyL/Q3Cob3g7X5E6h225RSjO0k=
last-modified: Thu, 30 May 2024 14:45:14 GMT
server: cloudflare
etag: W/"4dd5d02bf54ad96ae7d03bf6cef6a966"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: text/plain
cache-control: max-age=31536000
cf-ray: 88ed5b24c9b52bdf-FRA

GET tdl-sso-auth.js
accounts.tatadigital.com/v2/ 0
0

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v1.1/ 122 KB
35 KB 55ms
7ms Script
application/javascript 2600:9000:275d:3600:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:3600:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68b1bfa295429f6c9be793b0daf7ed0dcad6959e42a1ae57e983d206cb366792

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:06:18 GMT
content-encoding: br
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jun 2024 06:04:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 745
x-amz-server-side-encryption: AES256
etag: W/"bf3e1082bd9283c913d0995066770b4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: M8jsnKmXqdttxAvz6B_2yRwa5USLZIo0JDoPEm5qj3X3sgHUGX26Lw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 36ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 04:17:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 0p+74AAqvccBFSNhz1dLVmV7Uwltba4wZwu2VoArEZCwVtD/Na7KmbutQUh6fUcd3hP5FSQSEGNue9WNx5bpPQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tata_1mg_logo.svg
www.1mg.com/images/ 7 KB
3 KB 429ms
428ms Image
image/svg+xml 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1mg.com/images/tata_1mg_logo.svg

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb459f341fe3717372b613db375fc1e2886da52acd6fc8eb06a4228ae60de54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 30 May 2024 14:39:12 GMT
server: cloudflare
etag: W/"1c92-18fc9f0ca80"
cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.1mglabs.com
cache-control: public, max-age=0
cf-ray: 88ed5b258db64d32-FRA

GET
H2 200 cart-icon-rebrand_vp4k0f.svg
onemg.gumlet.io/ 947 B
2 KB 42ms
11ms Image
image/svg+xml 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/cart-icon-rebrand_vp4k0f.svg

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

00ea35066ac2d3866e2b171191643fd38c03ec5f358237d0e89c13364641732d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Oct 2023 06:42:57 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 651d0971a7414a26ec2900b1
x-amz-cf-pop: FRA56-P5
age: 21159301
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.133
alt-svc: h3=":443"; ma=86400
content-length: 947
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2023-07-22
etag: "h2eckjfity3q"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: LjsF2nmF5wVFjBcCxbj_9zeEUY6yOcnrL-gGcTaRL2h0mtMscxFJ3A==

GET
H2 200 ul9tzxcgrm3cfzclhi36.png
onemg.gumlet.io/ 2 KB
3 KB 40ms
10ms Image
image/webp 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/ul9tzxcgrm3cfzclhi36.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

df89109a4619b412c75d063662f307c519859e8f109030107a157ae1b6827714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 07 Oct 2023 00:15:50 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 6520a33691219c09e624ee48
x-amz-cf-pop: FRA56-P5
age: 20923327
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.013
alt-svc: h3=":443"; ma=86400
content-length: 1642
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2023-07-25
etag: "1kdnji7jvel25"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: dt78qKXzLlmNxwMvqh_Iwevp9qvTo1An-1XygfI2Jx04UoJvdU9e_Q==

GET
H2 200 fontawesome-webfont.woff2
assets.1mg.com/hkp/1.0.0/static/fonts/ 55 KB
56 KB 27ms
26ms Font
application/octet-stream 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Origin: https://www.1mg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:58 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 0VDQBD5TBMNC9MFP
age: 80862
x-amz-server-side-encryption: AES256
x-amz-id-2: ghQyMVKMKB0zCvkLlAWtD7Wp+Mckg4laDwBQ4B6TCiTzo7/sPKVQC+eV90L2C37VCoeaSSSaSj0=
last-modified: Thu, 30 May 2024 14:45:15 GMT
server: cloudflare
etag: W/"97493d3f11c0a3bd5cbd959f5d19b699"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: text/plain
cache-control: max-age=31536000
cf-ray: 88ed5b25ba542bdf-FRA

GET
H2 200 / Show response
api.rudderstack.com/sourceConfig/ 2 KB
2 KB 10ms
8ms XHR
application/json 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderstack.com/sourceConfig/?p=cdn&v=2.48.8&writeKey=1Xw0r3h5UkJhTd7i4MyWYyjDQFZ

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

Resource Hash

120a4eb7cbf17a401cce3ddaf50b1aa20e4ebf96e8cdb48839a91a4738a49507

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 34
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 824ae0b0-22f2-11ef-80a9-5917a0e86199
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-amz-cf-id: qP_8TDf3tzuS-oGRmpmvdHRib9gLLBHXu9Y8KMPXKfhMfOZXEHcKsA==

OPTIONS
H2 204 /
api.rudderstack.com/sourceConfig/ Frame 0
0 40ms
8ms Preflight 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderstack.com/sourceConfig/?p=cdn&v=2.48.8&writeKey=1Xw0r3h5UkJhTd7i4MyWYyjDQFZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
age: 7
alt-svc: h3=":443"; ma=86400
date: Wed, 05 Jun 2024 04:17:50 GMT
vary: Origin
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-id: hlwEXEsoDMWvZtZ3Z0a8KkRwIrEpXVuEBUrvhwpM8-9sKnC9jMI8Dg==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-request-id: 928ae1a0-22f2-11ef-92fa-95382c6a1ebd

GET
H2 200 397c1135-c26a-46bd-bede-22d767f35064_1712216663.jpg
onemg.gumlet.io/ 38 KB
39 KB 21ms
19ms Image
application/x-www-form-urlencoded 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/397c1135-c26a-46bd-bede-22d767f35064_1712216663.jpg?blur=80&format=auto

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2dee4daa0b2fd942361f7a4787834b8e40c476f56c4c2c6ebbf064d43cba1795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Apr 2024 10:41:24 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 660e83d4a243a7dddc5f6c1e
x-amz-cf-pop: FRA56-P5
age: 5333794
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.007
alt-svc: h3=":443"; ma=86400
content-length: 38556
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2024-04-04
etag: "19v71bjvvyevo"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: application/x-www-form-urlencoded
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: Origin
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: kGPNJwE5CjVtDmPfwvJsxYQ13RSfU3JDz1kBOC44YL3L9IfpDIEILA==

GET
H2 200 diagnostics%2F2024-01%2F1706088937_1948x800+%2827%29.png
onemg.gumlet.io/ 78 KB
79 KB 9ms
8ms Image
image/webp 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/diagnostics%2F2024-01%2F1706088937_1948x800+%2827%29.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

244a5d764dd071a482ce2ca3d3f6e864b0bc509ffb36f0326c7b9985b6569bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 24 Jan 2024 19:22:19 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 65b1636b6bd0fd53d696e407
x-amz-cf-pop: FRA56-P5
age: 11436939
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.15
alt-svc: h3=":443"; ma=86400
content-length: 80226
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2024-01-24
etag: "1xcehzhl2ip3u"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: zB5xp6ViML8L5fpnOt60SWr9jEj_71O73h4EdWpAjHOEDQWeaW8rbQ==

GET
H2 200 d037f049-0426-43b5-b365-c89ccd788d2d.png
onemg.gumlet.io/marketing/ 30 KB
31 KB 9ms
8ms Image
image/webp 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/marketing/d037f049-0426-43b5-b365-c89ccd788d2d.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

70b5da9ec7021d319b0feca1dd271703b35e4769a79693818f485887ee3cf014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 15 Aug 2023 14:30:53 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 64db8c1c579636c167cfecae
x-amz-cf-pop: FRA56-P5
age: 25451225
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.316
alt-svc: h3=":443"; ma=86400
content-length: 30864
surrogate-key: onemg.gumlet.io 2023-05-24
etag: "2y34uujdpnhlu"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: E-Ct5mNBE8TTMDP5Mpmx6r9BWWfkLD364EjF-VBThDfWXosnPEIKqA==

GET
H2 200 safe_bjisiz.svg
onemg.gumlet.io/ 1 KB
2 KB 21ms
21ms Image
image/svg+xml 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/safe_bjisiz.svg

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f9d5b667c6b7e4e03152a7ecb28b091672b7112489fb3b7e1d95e1c76c5206ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 08 Oct 2023 16:32:08 GMT
content-encoding: gzip
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 6522d9885c2efa5a6a66d509
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 20778350
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.02
alt-svc: h3=":443"; ma=86400
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2023-07-29
etag: W/"2ivmmznvhir9q"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: Accept-Encoding,accept
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: M96wrncc1YSz2X_loQuvwsQmXHyBFtcZPqXabMr-5H5J3_Q2fJugew==

GET
H2 200 commons-products.bundle.47c264e31c1f36759f110e0b3efc538a.js Show response
assets.1mg.com/hkp/1.0.0/static/js/ 743 KB
203 KB 35ms
35ms Script
application/javascript 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/js/commons-products.bundle.47c264e31c1f36759f110e0b3efc538a.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 387c2c6402caf8fa90bd2c0d15dc315fd6707db795dd35d2aa6056be73af0361

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 14:45:41 GMT
server: cloudflare
x-amz-request-id: JRX9XAHS5HRMVY8K
age: 83000
etag: W/"47c264e31c1f36759f110e0b3efc538a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88ed5b261e0f4d32-FRA
x-amz-id-2: i+McM8l5FA/xQCmpuhkCWrHWaqSQhjC2X/8ieR8tmWCnttWfaOKS759Xzw0am9FrSdI0op0gkHMA2pVuAiRCAg==

GET
H2 200 homePage.bundle.dc16f30da46131135b8b2cdb366fb596.js Show response
assets.1mg.com/hkp/1.0.0/static/js/ 2 MB
314 KB 61ms
56ms Script
application/javascript 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/js/homePage.bundle.dc16f30da46131135b8b2cdb366fb596.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6cf4e7f02d4b0427aeb1e8ecdb04df15e29bf295793410d53baf0083b9441a7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 14:45:41 GMT
server: cloudflare
x-amz-request-id: 59V4STAWXE5DPV10
age: 68587
etag: W/"dc16f30da46131135b8b2cdb366fb596"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88ed5b262e1b4d32-FRA
x-amz-id-2: 2InhJfLjDZS5YTgrg7suAGkd+7qwuTpPZy878yBa4p06YIIzKblkUBHMHORDxzKzWgyXZYv/h/A=

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.8.1/ 21 KB
8 KB 30ms
6ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.8.1/raven.min.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: fd2c4520a3d59da0d21fbe3d009df84ff3e448c28f7c88807fc277038f7ae9ed

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:58 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2016 16:35:03 GMT
server: Fastly
age: 4089
etag: "f05c5502275fc20f0d12d8c0bda3fff4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 8422

GET
H2 200 header-essentials.min.6141ace8ec9024a16ba4eb1f0b2c95cf.js Show response
assets.1mg.com/hkp/1.0.0/static/js/ 338 KB
98 KB 44ms
40ms Script
application/javascript 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/js/header-essentials.min.6141ace8ec9024a16ba4eb1f0b2c95cf.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f993153efcc7420f89746666b7ad09cfa914fcd866ca4ed932ecd544b5d4016

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 14:45:42 GMT
server: cloudflare
x-amz-request-id: 6DDMPRCDTTQQAKVT
age: 82999
etag: W/"6141ace8ec9024a16ba4eb1f0b2c95cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88ed5b262e1c4d32-FRA
x-amz-id-2: J0TMMKymQHc1ZjP9VPO6seVSn/qTOtHYUtI/uUrGeZ78GmI7484ghHn09tRTo1e068KdyIemCbpfKAq/9FIyLA==

GET
H2 200 vef91dfe02fce4ee0ad053f6de4f175db1715022073587 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 73ms
50ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Origin: https://www.1mg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:58 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2024 22:09:07 GMT
server: cloudflare
etag: W/"2024.5.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 88ed5b264d806967-FRA

GET
H2 200 quick_buy_rebrand_lqpnce.svg
onemg.gumlet.io/ 179 B
1 KB 15ms
12ms Image
image/svg+xml 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/quick_buy_rebrand_lqpnce.svg

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8c2dae0d93380e1cca1ed3cb66cadab9659b6c215b2f9e1381ec5c31d5c3ab2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Sep 2023 19:23:33 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 64fcc6347091ec08557eb18a
x-amz-cf-pop: FRA56-P5
age: 23273665
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.456
alt-svc: h3=":443"; ma=86400
content-length: 179
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2023-07-28
etag: "8pr37pd78p2k"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: MKFkAzsIXTcIVBbVxBTZbiBB7DbM3Y0P-c37NhfucgrxVclWCWSdrg==

GET
H2 200 next-round.svg
assets.1mg.com/hkp/1.0.0/static/images/ 995 B
709 B 31ms
29ms Image
image/svg+xml 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.1mg.com/hkp/1.0.0/static/images/next-round.svg
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02eee1baa62e5dfb787d85763f1b9893f082683a294b44fda6e572aeabca8392

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 14:45:23 GMT
server: cloudflare
x-amz-request-id: N6WVKAGBFWV8VSBV
age: 80881
etag: W/"75aa10679318dcc8b1dc8b6c99da1f69"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 88ed5b262e1e4d32-FRA
x-amz-id-2: +tcNsGbBPRGfG02cXRdQvIT3OfvSy0zlTcJxb865Dox9OgozS5s7dKthz+QlaZWU8cYVDyndDKI=

OPTIONS
H2 204 page
rudderapi.1mg.com/v1/ Frame 0
0 566ms
545ms Preflight 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 900
cf-cache-status: DYNAMIC
cf-ray: 88ed5b269acc2bdf-FRA
date: Wed, 05 Jun 2024 04:17:59 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 page Show response
rudderapi.1mg.com/v1/ 2 B
83 B 204ms
204ms XHR
text/plain 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/page
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
AnonymousId: MmI4OTIyOTgtYzc4OS00ZDUyLWI4MWYtNGJiOTYzZDVjZTUx
Content-Type: application/json
Referer: https://www.1mg.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.1mg.com
access-control-allow-credentials: true
cf-ray: 88ed5b2a0d882bdf-FRA
content-length: 2

GET
H2 200 Fullstory.min.js Show response
cdn.rudderlabs.com/v1.1/js-integrations/ 8 KB
3 KB 53ms
51ms Script
application/javascript 2600:9000:275d:3600:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1.1/js-integrations/Fullstory.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:3600:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ec9e8acc9f901be8c73a102c7cf326dbd4c3354f12ba46953fbb2a472d49dd2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:06:19 GMT
content-encoding: br
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jun 2024 06:04:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 744
x-amz-server-side-encryption: AES256
etag: W/"dafb0b13cb3bb452d9b096cf0aee1e8c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZciOCjb3Yvhhuan9s78k5EsRnnsklD_Q-fugXXIsAailWNzMPES0RQ==

GET
H2 200 1533315340292439 Show response
connect.facebook.net/signals/config/ 45 KB
11 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1533315340292439?v=2.9.157&r=stable&domain=www.1mg.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16531d6c1e30aca566a4ac3fb156e48989861a070e3bb85f740335c333bb4ab3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 04:17:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10694
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=62, mss=1328, tbw=63488, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: YCl6RQdlq3yFKQ3n41yaBbo7XsfRNTYYUklBwR56+zMfMvKYzOiL35GwVzS+Cl7dyoXQrRc5btgo3GlFKhQlzQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 30ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1533315340292439&ev=PageView&dl=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&rl=&if=false&ts=1717561078845&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717561078840.503336058341010459&ler=empty&cdl=API_unavailable&it=1717561078820&coo=false&rqm=GET

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 04:17:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 326ms
303ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1533315340292439&ev=PageView&dl=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&rl=&if=false&ts=1717561078845&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717561078840.503336058341010459&ler=empty&cdl=API_unavailable&it=1717561078820&coo=false&rqm=FGET

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1abbed417b8e0774","source_keys":["1","2"]},{"key_piece":"0xf4c142dd388412fa","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 04:17:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3100, tp=-1, tpl=-1, uplat=296, ullat=0
pragma: no-cache
x-fb-debug: qKQbbcUlPyehbqykwngkTQrBzuKJS+vrmcEB3DRMlLu8bbpP8PI7LX79ZpAQ+mzfnzcF16JgeueOerdYZVZEYw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads.js Show response
www.1mg.com/js/ 0
611 B 415ms
413ms Script
application/javascript 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/js/ads.js

Requested by

Host: assets.1mg.com
URL: https://assets.1mg.com/hkp/1.0.0/static/js/homePage.bundle.dc16f30da46131135b8b2cdb366fb596.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: BYPASS
last-modified: Thu, 30 May 2024 14:39:12 GMT
server: cloudflare
etag: W/"0-18fc9f0ca80"
cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www.1mglabs.com
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 88ed5b27df764d32-FRA
content-length: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 38ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: assets.1mg.com
URL: https://assets.1mg.com/hkp/1.0.0/static/js/homePage.bundle.dc16f30da46131135b8b2cdb366fb596.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7cc4fb8769e3877813e4a5e3fa911d1c3d44317462752c540ad764a3e643352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30715
x-xss-protection: 0
server: cafe
etag: 557 / 19879 / m202405300101 / config-hash: 12088212102230092860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Jun 2024 04:17:59 GMT

GET
H2 200 details Show response
www.1mg.com/api/v2/cart/ 640 B
2 KB 186ms
183ms XHR
application/json 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/api/v2/cart/details

Requested by

Host: assets.1mg.com
URL: https://assets.1mg.com/hkp/1.0.0/static/js/commons-products.bundle.47c264e31c1f36759f110e0b3efc538a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f33dd00f84462acb293331e7cc6913bd7fa68a04828782c516c3d231fefdf0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://cont-sites.bajajfinserv.in/ https://www.bajajfinserv.in/ https://www.1mg.com/ https://chatbot.tatadigital.com/ https://www.tatadigital.com/
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-HTML-CanRender: True
Pragma: no-cache
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
HKP-Platform: Healthkartplus-0.0.1-Desktop
X-CSRF-Token: 2QL45e4Y-YzRrZ1A5TAt9YayM4bqcAfO_Z94
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-Platform: Desktop-0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Referer: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://cont-sites.bajajfinserv.in/ https://www.bajajfinserv.in/ https://www.1mg.com/ https://chatbot.tatadigital.com/ https://www.tatadigital.com/
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-visitor-id: 5cdca219-f09b-4c4e-8ebe-a037c07f13ec_SiAu1KLe3e_1167_1717561078248
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
visitor-id: 5cdca219-f09b-4c4e-8ebe-a037c07f13ec_SiAu1KLe3e_1167_1717561078248
cf-ray: 88ed5b282fa74d32-FRA

GET
H2 200 search_loader.svg
www.1mg.com/images/ 687 B
878 B 424ms
422ms Image
image/svg+xml 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1mg.com/images/search_loader.svg

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

913d7e209b69e0165ba3c05335f9f69dc9c9ccdd3ffb69fcd659c7ac86cef79b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 30 May 2024 14:39:12 GMT
server: cloudflare
etag: W/"2af-18fc9f0ca80"
cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.1mglabs.com
cache-control: public, max-age=0
cf-ray: 88ed5b282fa84d32-FRA

GET
H3 200 a56b26a0-30f1-4977-96f8-7acf1b3e0e02.png
onemg.gumlet.io/ 5 KB
6 KB 546ms
544ms Image
image/webp 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a56b26a0-30f1-4977-96f8-7acf1b3e0e02.png?format=auto

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3153f1854f115ae7533a2e7d13c29ec025978a7c642b8c60b5b60721a898ec13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 29 Dec 2023 12:33:27 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 658ebc97789d0d401ff6e825
age: 13707872
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.183
alt-svc: h3=":443"; ma=86400
content-length: 5108
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2023-10-22
etag: "39gvt9t20261s"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: we1U49L-WjcWLfZ5Pu9yD95hjZUa0P2M24oGPzqDdaZ0gu-ENdEc0Q==

GET
H3 200 629aaf65-515f-4069-b730-28618f78597b.png
onemg.gumlet.io/ 6 KB
7 KB 542ms
541ms Image
image/webp 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/629aaf65-515f-4069-b730-28618f78597b.png?format=auto

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7e0b1b7ea0f2f228044e927db965182d8dac1d16ee5791105b7274b571e71411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 29 Dec 2023 12:33:27 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 658ebc9738a47bf462d8f5f6
age: 13707872
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.3
alt-svc: h3=":443"; ma=86400
content-length: 5952
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2023-10-23
etag: "4eruaq4ihphq"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 86toIQC85zm0SJEWKcxf8twl_WcbnHusLa7bQnrusASTaE_VyhneUA==

GET
H3 200 b251c9cf-8d88-4fb8-8c3c-7b328caa9f70.png
onemg.gumlet.io/ 9 KB
9 KB 523ms
522ms Image
image/webp 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/b251c9cf-8d88-4fb8-8c3c-7b328caa9f70.png?format=auto

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

18c9ba87f79fa2e3d7147d11b0a1c525969bb4b18c6d97cbfe9cdb9e0176f284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 29 Dec 2023 12:33:27 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 658ebc9777389eebf50db58f
age: 13707872
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.233
alt-svc: h3=":443"; ma=86400
content-length: 8854
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2023-10-24
etag: "36qcz3hse7l3e"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: G9vLNueGKYNdvT1-xH3SYk3iYvjnLnwuutacl2cuGd3urN47ees4kA==

GET
H3 200 573d8a1a-edd0-46a5-a0fe-01a1c2bcc8f2.png
onemg.gumlet.io/ 6 KB
7 KB 529ms
528ms Image
image/webp 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/573d8a1a-edd0-46a5-a0fe-01a1c2bcc8f2.png?format=auto

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

00ad6250e247f48ce39134d51bc29b0bb689b59564d6412d2649ad3a2801aa32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 29 Dec 2023 13:46:17 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 658ecda89c38f0b63b9363cd
age: 13703502
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.115
alt-svc: h3=":443"; ma=86400
content-length: 6506
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2023-10-24
etag: "3vrn6tlv860sg"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: SqYQZe8lZ3r_tEB9Ms9zRVp0HgUiuF7nzdAC4X0epGvYCZ6TO5mpuA==

GET
H3 200 a1af8b43-2836-483d-8709-99eff1cc6f70.png
onemg.gumlet.io/ 6 KB
6 KB 202ms
201ms Image
image/webp 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a1af8b43-2836-483d-8709-99eff1cc6f70.png?format=auto

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

07c1735f7c5a9d4d682a8d8a61baa39f3f05e7963452c22ac5294464a05c4f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 29 Dec 2023 13:46:17 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 658ecda877389eebf5149ca7
age: 13703502
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.225
alt-svc: h3=":443"; ma=86400
content-length: 5836
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2023-10-23
etag: "1cbi2hh2ybqjy"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: vNJZAymf6hUbMFeDDVi6QkN_VqQuwGxVSHs82MIUTaORuvpD4hvx8A==

GET
H3 200 96f9ed8a-ba62-426c-bd66-6762f40f3370.png
onemg.gumlet.io/ 5 KB
6 KB 547ms
546ms Image
image/webp 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/96f9ed8a-ba62-426c-bd66-6762f40f3370.png?format=auto

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8968952133b3bb3967e6dbb69f8b4b294d5acfa420816ecf3e0da0dd86a131ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 29 Dec 2023 14:24:09 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 658ed68938a47bf462e404c4
age: 13701230
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.045
alt-svc: h3=":443"; ma=86400
content-length: 5572
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2023-10-24
etag: "2dr7l1n0y2u1"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 9CXmsNLx89lNaedzQ7P-7oIdGv9Bavv6hXQ95hoJVQckWJXzr5hS1w==

GET
H3 200 730dbe50-4bdc-4fa8-9a09-93bc5d6c6f38.png
onemg.gumlet.io/ 6 KB
6 KB 133ms
132ms Image
image/webp 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/730dbe50-4bdc-4fa8-9a09-93bc5d6c6f38.png?format=auto

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

94f9e180adb7145ad009a8b42ad69f636e67d6827589ad36c3ae0a92f49f7249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 29 Dec 2023 14:24:09 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 658ed689789d0d401f020202
age: 13701230
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.262
alt-svc: h3=":443"; ma=86400
content-length: 5646
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2023-10-24
etag: "2a506gq4ecmtk"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: w8V15Z8BcXn4txJnK6-MsxCwDTbIN1kV4Us5_nRQXkC7lgxG42_aUw==

GET
H2 200 watch_icon.svg
assets.1mg.com/hkp/1.0.0/static/images/ 765 B
645 B 25ms
24ms Image
image/svg+xml 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.1mg.com/hkp/1.0.0/static/images/watch_icon.svg
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4084fed3de0377f36385aca1ed62af8daa37cc4756b6a1640e874011824284

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 14:45:31 GMT
server: cloudflare
x-amz-request-id: RDQA3JPBBKSTWFNH
age: 199
etag: W/"2f2f22924c12c765da8b46fe19b64c6c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 88ed5b282fa94d32-FRA
x-amz-id-2: 3Yn9yypFzi3m6fgQRP2gv9fr2eU/TRxRS8P6QM5+f5wL+1tvXI6eEDryA8UCPkgYuBbejs4BFgaR4TgJ42KX+w==

GET
H3 200 397c1135-c26a-46bd-bede-22d767f35064_1712216663.jpg
onemg.gumlet.io/ 38 KB
38 KB 343ms
342ms Image
application/x-www-form-urlencoded 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/397c1135-c26a-46bd-bede-22d767f35064_1712216663.jpg?w=1067&h=250&format=auto

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2dee4daa0b2fd942361f7a4787834b8e40c476f56c4c2c6ebbf064d43cba1795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 May 2024 07:02:57 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 66503ba115255f23c43321c5
age: 1026902
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.053
alt-svc: h3=":443"; ma=86400
content-length: 38556
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2024-04-04
etag: "19v71bjvvyevo"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: application/x-www-form-urlencoded
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: Origin
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: n6tHitSECX5He4LSD8eWnZZE8bxi-tQM6iSHIsEtOZ9OafhuhVOf_g==

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 273 KB
74 KB 37ms
8ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/js-integrations/Fullstory.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Origin: https://www.1mg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:16:40 GMT
content-encoding: br
age: 79
x-guploader-uploadid: ABPtcPqsLDCWGubauD4s3FWAz8vCjcMB9Z88-VlMyhMzr8UJgUQrYMn7VHsciwRLuqZbJnHyb7Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75399
last-modified: Mon, 03 Jun 2024 19:13:28 GMT
server: UploadServer
etag: "9518bfdd8ce5a4d07426912e49eab44e"
vary: Accept-Encoding
x-goog-generation: 1717442008056727
x-goog-hash: crc32c=iqU1ow==, md5=lRi/3YzlpNB0JpEuSeq0Tg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 75399
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 05 Jun 2024 05:16:40 GMT

POST
H2 200 track Show response
rudderapi.1mg.com/v1/ 2 B
56 B 198ms
197ms XHR
text/plain 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/track
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
AnonymousId: MmI4OTIyOTgtYzc4OS00ZDUyLWI4MWYtNGJiOTYzZDVjZTUx
Content-Type: application/json
Referer: https://www.1mg.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.1mg.com
access-control-allow-credentials: true
cf-ray: 88ed5b2c0f342bdf-FRA
content-length: 2

OPTIONS
H2 204 track
rudderapi.1mg.com/v1/ Frame 0
0 542ms
541ms Preflight 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 900
cf-cache-status: DYNAMIC
cf-ray: 88ed5b28ac2a2bdf-FRA
date: Wed, 05 Jun 2024 04:17:59 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 501 KB
121 KB 89ms
53ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87fef9686ea69553a8cc543478bb2eb8f81f2a97ca12c5873211da5bd6369de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123259
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jun 2024 04:17:59 GMT

GET
H3 200 mgsensor.js Show response
a.mgid.com/ 17 KB
6 KB 143ms
115ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/mgsensor.js?d=1717561079146

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d2c055791d072ed388bb395f90aaebf2425189bbd03942b8f60855ba4f6988

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-mg-request-uuid: 39632cad-a0b8-4205-ab2f-288f56fd5cb1
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 88ed5b28d8e703e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 86ms
46ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 05 Jun 2024 04:17:58 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF4E96CCF62F417797202C5A12774DA4 Ref B: FRAEDGE1219 Ref C: 2024-06-05T04:17:59Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 ClearSans-Bold.woff2
assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ 43 KB
43 KB 29ms
29ms Font
application/octet-stream 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ClearSans-Bold.woff2
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e810c538d9ac115faaaa527625164da813013d225ad8b3f7bf19a3ccc409f2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Origin: https://www.1mg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: B3MV7PXPT7387ZRB
age: 80858
x-amz-server-side-encryption: AES256
x-amz-id-2: f1AaIdu/C0Ho31dYqUsq5M1tZUHBpZzMb+tlQEEpoTQjprGusO7VVDGi+1qjrigLLBlq5vtoskM=
last-modified: Thu, 30 May 2024 14:45:13 GMT
server: cloudflare
etag: W/"76687bf10bd465fe4da2b0a2b52a7b7a"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: text/plain
cache-control: max-age=31536000
cf-ray: 88ed5b290c872bdf-FRA

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/ 460 KB
144 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb00a860660974b25947b756849035378feb8893f3699e16d391cabbf8374f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50113
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147019
x-xss-protection: 0
server: cafe
etag: 3255905288585425474
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:22:46 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 65 B
74 B 32ms
15ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.1mg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53f43f7a0d0a67ed43aa343d0d3c18acf4df593b608fe5e04b16c1f67af3a65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
x-xss-protection: 0
expires: Wed, 05 Jun 2024 04:17:59 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/11EGJ5/v1/ 39 KB
8 KB 12ms
11ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/11EGJ5/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1cfd5dd277a394bbee2f64b2e293db2b0336aa9911223e3a0434d17308a08894

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:03:23 GMT
content-encoding: gzip
age: 876
x-guploader-uploadid: ABPtcPpqytclc3594pGC-0G_u0Tx1Kd7PGtsFYgrfBSfwRWHJM00bjFgDaCkRj452zpETMhvsgL9Kxdh8g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8028
last-modified: Wed, 05 Jun 2024 04:02:44 GMT
server: UploadServer
etag: "4616099b86e2fa99c528f3464446e5f0"
x-goog-generation: 1717560164811163
x-goog-hash: crc32c=hQz4lA==, md5=RhYJm4bi+pnFKPNGREbl8A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 8028
accept-ranges: bytes
content-type: application/json
expires: Wed, 05 Jun 2024 04:18:23 GMT

GET
H2 204 5268488.js Show response
bat.bing.com/p/action/ 0
117 B 30ms
29ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5268488.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 05 Jun 2024 04:17:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BD759F2729294FCB9CF0C876ACFA96D0 Ref B: FRAEDGE1219 Ref C: 2024-06-05T04:17:59Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 76ms
76ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5268488&Ver=2&mid=f401abe5-2ce0-43ef-b706-3a97802b3b42&sid=97a5f70022f211ef99f0b58a2f99b880&vid=97a63e8022f211ef84e93bfbc2ac0ac7&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Online%20Pharmacy%20India%20%7C%20Buy%20Medicines%20from%20India%27s%20Trusted%20Medicine%20Store%3A%201mg.com&kw=online%20pharmacy,%20online%20medicine,%20medicine%20online,%20online%20medical%20store,%20buy%20medicine%20online,%20online%20pharmacy%20India,%20buy%20medicine%20online%20India,%20online%20chemist,%20online%20medicine%20purchase&p=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&r=&lt=2455&evt=pageLoad&sv=1&rn=285215

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jun 2024 04:17:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F0AF8B74A6D4FB586B483BCD7ACFCBD Ref B: FRAEDGE1219 Ref C: 2024-06-05T04:17:59Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 65 KB
24 KB 168ms
43ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3499300706681407&correlator=1206280107514685&eid=44809527%2C31083342%2C31084266%2C44777897%2C31078668&output=ldjh&gdfp_req=1&vrg=202405300101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=67416580%2CDWEB_ROADBLOCK_900x493_PROD&enc_prev_ius=0%2F1&prev_iu_szs=900x493&ifi=1&sfv=1-0-40&eri=32&sc=1&abxe=1&dt=1717561079378&lmt=1717561079&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=0&ga_vid=1216773524.1717561079&ga_sid=1717561079&ga_hid=1551685799&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717561078480&idt=872&adks=762095720&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b22a050d932d3e45a382251c3c3357a2e33f9aa3569ec35f8248d22112f855c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24842
x-xss-protection: 0
google-lineitem-id: 6359868639
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138442667216
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6a5414336da80c268bd0ad7124248bed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B368 0
0 98ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6a5414336da80c268bd0ad7124248bed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jun 2024 04:17:59 GMT
expires: Wed, 05 Jun 2024 04:17:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
106 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPGHGVF7FB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a365e6c3e212e2f61ed61bdbbfb1d617538e2a23aeee47dac97e980083faddc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jun 2024 04:17:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 98ms
7ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Jun 2024 02:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6531
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 05 Jun 2024 04:29:08 GMT

GET
H2 200 singular-gtm-interface.js Show response
web-sdk-cdn.singular.net/singular-gtm-interface/latest/ 5 KB
2 KB 106ms
17ms Script
application/javascript 2a02:26f0:7100::1720:eec2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk-cdn.singular.net/singular-gtm-interface/latest/singular-gtm-interface.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 229b005e2be041608b705607939624dfc0758f970a29d2c766bc53018c1d9fb4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 12:44:26 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"02290290bd663376e4d6931dc9561ed0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=8, origin; dur=2, ak_p; desc="1717561079447_388034238_320785978_972_1234_5_65_146";dur=1
content-length: 1182
x-amz-cf-id: g9MncDDPHtEgHB0jAOv3IdWrv8HYkVmyKUfmxYmK81bqXplCWNtfzw==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
27 KB 95ms
8ms Script
text/javascript 2600:9000:2644:cc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:cc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd374bea8f2cce1e9514e9f9a7af6cd7efbb566a5eea5cda53affc1391ada818

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: OjlzvVkHTu0v_YiPj9HXDUkxURL1vuKW
Content-Encoding: gzip
Via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
Date: Wed, 05 Jun 2024 03:54:57 GMT
Age: 1383
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 29 May 2024 17:38:12 GMT
Server: AmazonS3
Etag: W/"39817cce3f515077c86e9cc99a65f623"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 8d2eVQ9qm2ywf3p-oiG2H0KVANMFNiMRhRyY1PVK3qxJPzinwNydnw==

GET
H2 200 UXVDxjkzyjivJA3pPnzU.js Show response
tags.creativecdn.com/ 4 KB
2 KB 93ms
7ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/UXVDxjkzyjivJA3pPnzU.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: gzip
x-accel-date-max: 1698138139
x-guploader-uploadid: ABPtcPqFYOMSgSI8_wGjHfbmjrbqYJ3mkGefflTWykglheIBUee0HgPiS0s3fcwUQzPzGU7POH7TSVDq72vvJZIQrAVqWHMvXAHp
x-cache: HIT
x-77-cache: HIT
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
x-age: 1038
x-accel-date: 1717560041
alt-svc: h3=":443"; ma=86400
x-77-nzt: EQwBw7WqEQH3DgQAAA
x-accel-expires: @1717563633
x-77-age: 1038
last-modified: Mon, 30 Jan 2023 17:33:16 GMT
server: CDN77-Turbo
etag: W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray: 4c156224cf150e23f7e65f6636c5bd1e
vary: Accept-Encoding
x-goog-generation: 1675099996782490
content-type: application/javascript
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control: public, max-age=3600
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 1741
expires: Tue, 24 Oct 2023 10:02:19 GMT

GET
H2 200 settings Show response
www.notifyvisitors.com/ext/v1/ 25 KB
8 KB 259ms
197ms Script
text/html 2600:9000:2359:2800:14:81fb:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notifyvisitors.com/ext/v1/settings?bid_e=1948D672A79F22D332F654FB766E7DC2&bid=2023&t=420&iFrame=false&trafficSource=&link_referrer=&pageUrl=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&path=%2F&domain=https%3A%2F%2Fwww.1mg.com&gmOffset=7200&screenWidth=1600&screenHeight=1200&isPwa=0&cookieData=VISITOR-ID%3D5cdca219-f09b-4c4e-8ebe-a037c07f13ec_SiAu1KLe3e_1167_1717561078248%3B%20city%3DNew%2520Delhi%3B%20amoSessionId%3Db28e0bed-d68a-4523-8b92-1a98af307855%3B%20isLocaleRedirect%3Dfalse%3B%20isLocaleUIChange%3Dfalse%3B%20rl_user_id%3DRudderEncrypt%253AU2FsdGVkX19ZLP1F7pOxZTbekgeMI%252F%252FFwG6uUrmwvkY%253D%3B%20rl_trait%3DRudderEncrypt%253AU2FsdGVkX1%252Brht43gKmjyixrkCPd2S1P9DfLYTNzHFw%253D%3B%20rl_group_id%3DRudderEncrypt%253AU2FsdGVkX18qigbwF4akUceOnnbswA5aKPQk%252FvL5VBk%253D%3B%20rl_group_trait%3DRudderEncrypt%253AU2FsdGVkX18%252B8Bv5D3yWmxyKZQYBGVbUJE0cxyk53l4%253D%3B%20rl_anonymous_id%3DRudderEncrypt%253AU2FsdGVkX1%252FZgeHE7UtGxhKW%252FtCr%252BorPdv%252FmTi0HBFphMdjdS3glFjfeQ8WolnrIhsGJ3VnTBFOo5EzFd1TlAw%253D%253D%3B%20rl_page_init_referrer%3DRudderEncrypt%253AU2FsdGVkX18jjQMbVvTE5s3U4aBdyCDnTu2TAUhL%252F2E%253D%3B%20rl_page_init_referring_domain%3DRudderEncrypt%253AU2FsdGVkX1%252FDbaK0Z3d7btBqcmQfYq5y6HfxlRuDDNs%253D%3B%20_fbp%3Dfb.1.1717561078840.503336058341010459%3B%20rl_session%3DRudderEncrypt%253AU2FsdGVkX1%252BuSCOEKEc8TdOW%252FRy8syASJY0mB2TK2qh0L7jN%252FmbSfPKQB19yhFtDg8KAFu4eY0QK6vHDyOP0d39MIkKLky8zh2qChJ0fn94XcoRtk2foYjZeLuHk%252BbPH9xBnoazyXbqbTYTup3jV2Q%253D%253D%3B%20geolocation%3Dfalse%3B%20synapse%3Ainit%3Dfalse%3B%20synapse%3Aplatform%3Dweb%3B%20_uetsid%3D97a5f70022f211ef99f0b58a2f99b880%3B%20_uetvid%3D97a63e8022f211ef84e93bfbc2ac0ac7%3B%20_gcl_au%3D1.1.887995713.1717561079%3B%20AWSALBTG%3DNupdSP4%2FU49WRrlWXQ2fZh1yLI%2BekJzNKGOvVPQMsbxhVy2e9HXWwct1js1xGBwlKHONf9ljNakIA0rQwppD166PmjUKTlk4UGr34pWuY4JdsHVU8uym86OhANtD4uQm%2FkrCE%2Ft1GKrXoibvZG7PrAr8R7ifjb%2FgvvOsUabyH8Zy%3B%20AWSALBTGCORS%3DNupdSP4%2FU49WRrlWXQ2fZh1yLI%2BekJzNKGOvVPQMsbxhVy2e9HXWwct1js1xGBwlKHONf9ljNakIA0rQwppD166PmjUKTlk4UGr34pWuY4JdsHVU8uym86OhANtD4uQm%2FkrCE%2Ft1GKrXoibvZG7PrAr8R7ifjb%2FgvvOsUabyH8Zy%3B%20hkp_campaign%3Dhome_page_dweb%252520%3B%20hkp_medium%3Demailer_NC%3B%20hkp_source%3Demailer_NC&ruleData=%7B%22city%22%3A%22New%20Delhi%22%7D&storage=%7B%22session%22%3A%7B%7D%2C%22local%22%3A%7B%7D%7D&

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:2800:14:81fb:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b7d268782abc0bf36222d894b73825051c6a6ba9009e2c49417828f2ccfc3559

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: gzip
via: 1.1 f1b6636265d2ca44d8a0ca5488a5ec0c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P10
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
cache-control: no-store
x-amz-cf-id: pKnSnQLO5yBsJ9c6LXElss1s2iM2M34YxgHVcMXSl8WBbFeoyEwXTQ==
x-xss-protection: 1; mode=block

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 400 KB
138 KB 82ms
21ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9bac858acbb3b447b2d63bc6834014aecea6191a95d46d47e3f166fc182bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140315
x-xss-protection: 0
expires: Wed, 05 Jun 2024 04:17:59 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 47 KB
16 KB 87ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

748754eccccb46d25fed1dfe75a1b239668c4d6af51fdcdbabcb3fc8de59a95b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 22 May 2024 14:33:50 GMT
server: nginx
etag: W/"664e024e-bb30"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Jun 2024 04:17:59 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 28 KB
9 KB 1052ms
346ms Script
application/x-javascript 184.50.249.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.50.249.159 Fortaleza, Brazil, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-50-249-159.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cd794281e9928f14810a8a6cb332da93a053661f5e30ed51bc2186237d423650

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 04:18:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Jun 2024 11:04:04 GMT
Server: AkamaiNetStorage
ETag: "e24f56fa9aeadd9299f8b3f88aa9fd32:1717413770.483478"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8569
Expires: Wed, 05 Jun 2024 04:38:00 GMT

POST
H2

200

v2 Show response
asia.creativecdn.com/tags/
Redirect Chain

https://asia.creativecdn.com/tags/v2?type=json
https://asia.creativecdn.com/tags/v2?type=json&tc=1

478 B
957 B

276ms
275ms

Fetch
application/json

103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: ad6c2c0fc874ba4ce8e30e31a87d0aa06490ce1a8e0e16b16551c1781815ccc4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:01 GMT, Wed, 05 Jun 2024 04:18:01 GMT
content-encoding: gzip
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.1mg.com
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 359
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:01 GMT, Wed, 05 Jun 2024 04:18:01 GMT
access-control-max-age: 3600
vary: Origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://www.1mg.com
access-control-allow-methods: GET, POST
location: https://asia.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 949ms
313ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Wed, 05 Jun 2024 04:18:00 GMT
vary: Origin

POST
H2 204 collect
region1.google-analytics.com/g/ 0
242 B 160ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1HF6RR2VT7&gtm=45je4630v879238698z86472178za200zb6472178&_p=1717561079145&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1216773524.1717561079&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717561079&sct=1&seg=0&dl=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&dt=Online%20Pharmacy%20India%20%7C%20Buy%20Medicines%20from%20India%27s%20Trusted%20Medicine%20Store%3A%201mg.com&en=page_view&_fv=1&_ss=1&tfd=2836
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPGHGVF7FB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 144ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NPGHGVF7FB&gtm=45je4630v879238698z86472178za200zb6472178&_p=1717561079145&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1216773524.1717561079&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717561079&sct=1&seg=0&dl=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&dt=Online%20Pharmacy%20India%20%7C%20Buy%20Medicines%20from%20India%27s%20Trusted%20Medicine%20Store%3A%201mg.com&en=page_view&_fv=1&_ss=1&tfd=2855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPGHGVF7FB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 150ms
22ms Ping
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPGHGVF7FB&cid=1216773524.1717561079&gtm=45je4630v879238698z86472178za200zb6472178&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPGHGVF7FB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 145ms
19ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPGHGVF7FB&cid=1216773524.1717561079&gtm=45je4630v879238698z86472178za200zb6472178&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1976207893

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame E5E5 0
0 55ms
40ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuCyygn6HjDIWyPcJGS8QNB1jRU6yqmCTSPjkLewYWVJW_5tIAp3Ahb32xJGG_F3xWUc1I5tBVBt4SKfuZfeikuW1tH1Ef0m17K6w2Mh1RzNRnGf86Cjr8Yo9Ga8nS33Pz_J79C9un03k0v_gdVVAlbQ8iz4BhUh2Fbfm5ErKKvVw0RZtjnsa8EOqbY9ESJv9gi8JZ5ndtAmGaRMSZl1zu34Xq-EuP-1K9_eUa-zqYwBJAhQGiFjB_h5zqtRxdqZgJNLXmmR1Cy_gnxk3wR2tGZj4gzZ2Fauv5iHdG8gL_JmVmkh8hIO9r61PZUHfMzp57sNQhs_yWPRbBhELp8xCmIAphcW1r4Cp61HxAtuhcN9B6VY2R9xagW&sig=Cg0ArKJSzKxTaXNuuI4HEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240604/r20110914/ Frame E5E5 23 KB
9 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240604/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55f017283179055aaeb5642ae7bae973299c19504016022e279e9f9d653c2a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 8342817275361945841
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jun 2024 14:19:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240604/r20110914/client/ Frame E5E5 3 KB
1 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240604/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jun 2024 14:20:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E5E5 215 KB
65 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3c2f5bfe4c9152aa9466dd2ad3e17eae58c06b47edc68270f1935d1a994068b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66507
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Jun 2024 05:10:05 GMT

GET
H2 200 19286646334988808
tpc.googlesyndication.com/simgad/ Frame E5E5 213 KB
214 KB 89ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/19286646334988808

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ed48ac96631b01913a1fd9a137615d166861ba8e8a4ba23f8bb609e178ef7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 04 Jun 2025 16:02:21 GMT
date: Tue, 04 Jun 2024 16:02:21 GMT
x-content-type-options: nosniff
age: 44138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 218457
x-xss-protection: 0
last-modified: Tue, 04 Jun 2024 05:14:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

7ms
7ms

Script
application/javascript

2600:9000:2644:cc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: HTTP/1.1
Server: 2600:9000:2644:cc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Tue, 04 Jun 2024 15:54:52 GMT
Via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
Age: 44588
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: gzDMBUijoZUxZ5Rx-zD9RFisjJ3OTkn3UJijNbwSmT5FYvpNzdzjFA==

Redirect headers

Date: Tue, 04 Jun 2024 16:04:58 GMT
Via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
Age: 43980
X-Amz-Cf-Pop: FRA60-P6
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: JNi6dtUoac0AwzPWuLcWpf-vlUk3maQ-LvIbkJIQpklGuFtaTFQBow==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/ 9 KB
4 KB 15ms
7ms Script
text/javascript 2600:9000:2644:cc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:cc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: XIiJ4nWxb0VlZjKgP9nv6isyQm7XVRIO
Content-Encoding: gzip
Via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
Date: Wed, 05 Jun 2024 03:59:44 GMT
Age: 1114
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 03 Jun 2024 12:25:53 GMT
Server: AmazonS3
Etag: W/"706be4fd28aeb971d2ff83a528c2073a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: klVuj2q7bB3j2w0etT3MpDU2DYe2G-WpEZPFqkMUYa_xExnBuwfJxw==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
436 B 74ms
15ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.1mg.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E5E5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae9c236263cb8e8f25952636acbe3086558d6d6097aec1f57eddf5bdb77f2ad0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 singular-sdk.js Show response
web-sdk-cdn.singular.net/singular-sdk/latest/ 155 KB
46 KB 8ms
7ms Script
application/javascript 2a02:26f0:7100::1720:eec2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk-cdn.singular.net/singular-sdk/latest/singular-sdk.js
Requested by: Host: web-sdk-cdn.singular.net
URL: https://web-sdk-cdn.singular.net/singular-gtm-interface/latest/singular-gtm-interface.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:eec2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a5f20e9b821bed653ca955a4f1a07f3ccb774616234e9b74f1d604c81b7a84a0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: gzip
last-modified: Wed, 15 May 2024 12:25:16 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"5f5378fd1d529ff6e434a421d4039b74"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7423
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717561079667_388034238_320786113_78_793_5_0_146";dur=1
x-amz-cf-id: l0jxcm2LtA8eNz8QZzEugKS4l-CY_F2X-ExIL_qtkmLsNVCR7jEK_g==
content-length: 46887

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 15 B
40 B 19ms
19ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
x-xss-protection: 0
expires: Wed, 05 Jun 2024 04:17:59 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 95 KB
30 KB 65ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06737bc48c0d965480e5eb9c32d7b2062b4f580e31d93fe5d3ad7a8e2d7ac107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30716
x-xss-protection: 0
server: cafe
etag: 123 / 19879 / 31084238 / config-hash: 12088212102230092860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Jun 2024 04:17:59 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 4E7C 0
0 61ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.1mg.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jun 2024 04:17:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 436221
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 200 event Show response
sdk-api-v1.singular.net/api/v1/ 18 B
254 B 217ms
217ms XHR
application/x-javascript 104.83.4.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-api-v1.singular.net/api/v1/event?current_device_time=1717561080&event_id=508dae4c-bd8d-4326-a1dd-422388c27cde&conversion_event=true&k=SDID&a=ikshit&p=Web&i=www.1mg.com&screen_height=1200&screen_width=1600&sdk=WebSDK-v1.4.3&singular_instance_id=d9f3d03a-d922-4dbd-931a-3bebceb7bab2&sdid=2ec7cefd-8858-4bf2-8eaf-f8383bf3cfea&storage_type=local&timezone=GMT%2B0200&touchpoint_timestamp=1717561080&u=2ec7cefd-8858-4bf2-8eaf-f8383bf3cfea&n=__PAGE_VISIT__&is_revenue_event=false&first=true&s=e2eaf591-06b9-4047-a385-2f5df2d869e7&is_first_visit=true&is_page_refreshed=false&sdid_persist_mode=off&is_first_page_visit_in_session=true&ecid=2ec7cefd-8858-4bf2-8eaf-f8383bf3cfea&os=Windows&lag=0&h=3e475b8e4ab2364babc4c32430126beaac3ebb81
Requested by: Host: web-sdk-cdn.singular.net
URL: https://web-sdk-cdn.singular.net/singular-sdk/latest/singular-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.83.4.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8a49ea5083c8030f058182dcd6ae7da0960e68a0d762f71e8e8375f5732fb2fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:00 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: Content-Type, Content-Length
content-length: 18
expires: Wed, 05 Jun 2024 04:18:00 GMT

OPTIONS
H2 200 event
sdk-api-v1.singular.net/api/v1/ Frame 0
0 323ms
213ms Preflight 104.83.4.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-api-v1.singular.net/api/v1/event?current_device_time=1717561080&event_id=508dae4c-bd8d-4326-a1dd-422388c27cde&conversion_event=true&k=SDID&a=ikshit&p=Web&i=www.1mg.com&screen_height=1200&screen_width=1600&sdk=WebSDK-v1.4.3&singular_instance_id=d9f3d03a-d922-4dbd-931a-3bebceb7bab2&sdid=2ec7cefd-8858-4bf2-8eaf-f8383bf3cfea&storage_type=local&timezone=GMT%2B0200&touchpoint_timestamp=1717561080&u=2ec7cefd-8858-4bf2-8eaf-f8383bf3cfea&n=__PAGE_VISIT__&is_revenue_event=false&first=true&s=e2eaf591-06b9-4047-a385-2f5df2d869e7&is_first_visit=true&is_page_refreshed=false&sdid_persist_mode=off&is_first_page_visit_in_session=true&ecid=2ec7cefd-8858-4bf2-8eaf-f8383bf3cfea&os=Windows&lag=0&h=3e475b8e4ab2364babc4c32430126beaac3ebb81
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.83.4.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-83-4-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Length
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Wed, 05 Jun 2024 04:18:00 GMT
expires: Wed, 05 Jun 2024 04:18:00 GMT
pragma: no-cache
vary: Accept-Encoding

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
365 B 55ms
14ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.1mg.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 nv-banner-upl.js Show response
cdn.notifyvisitors.com/ext/js/ 55 KB
13 KB 64ms
6ms Script
application/javascript 2600:9000:223e:4e00:1e:6c7e:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.notifyvisitors.com/ext/js/nv-banner-upl.js
Requested by: Host: www.notifyvisitors.com
URL: https://www.notifyvisitors.com/ext/v1/settings?bid_e=1948D672A79F22D332F654FB766E7DC2&bid=2023&t=420&iFrame=false&trafficSource=&link_referrer=&pageUrl=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&path=%2F&domain=https%3A%2F%2Fwww.1mg.com&gmOffset=7200&screenWidth=1600&screenHeight=1200&isPwa=0&cookieData=VISITOR-ID%3D5cdca219-f09b-4c4e-8ebe-a037c07f13ec_SiAu1KLe3e_1167_1717561078248%3B%20city%3DNew%2520Delhi%3B%20amoSessionId%3Db28e0bed-d68a-4523-8b92-1a98af307855%3B%20isLocaleRedirect%3Dfalse%3B%20isLocaleUIChange%3Dfalse%3B%20rl_user_id%3DRudderEncrypt%253AU2FsdGVkX19ZLP1F7pOxZTbekgeMI%252F%252FFwG6uUrmwvkY%253D%3B%20rl_trait%3DRudderEncrypt%253AU2FsdGVkX1%252Brht43gKmjyixrkCPd2S1P9DfLYTNzHFw%253D%3B%20rl_group_id%3DRudderEncrypt%253AU2FsdGVkX18qigbwF4akUceOnnbswA5aKPQk%252FvL5VBk%253D%3B%20rl_group_trait%3DRudderEncrypt%253AU2FsdGVkX18%252B8Bv5D3yWmxyKZQYBGVbUJE0cxyk53l4%253D%3B%20rl_anonymous_id%3DRudderEncrypt%253AU2FsdGVkX1%252FZgeHE7UtGxhKW%252FtCr%252BorPdv%252FmTi0HBFphMdjdS3glFjfeQ8WolnrIhsGJ3VnTBFOo5EzFd1TlAw%253D%253D%3B%20rl_page_init_referrer%3DRudderEncrypt%253AU2FsdGVkX18jjQMbVvTE5s3U4aBdyCDnTu2TAUhL%252F2E%253D%3B%20rl_page_init_referring_domain%3DRudderEncrypt%253AU2FsdGVkX1%252FDbaK0Z3d7btBqcmQfYq5y6HfxlRuDDNs%253D%3B%20_fbp%3Dfb.1.1717561078840.503336058341010459%3B%20rl_session%3DRudderEncrypt%253AU2FsdGVkX1%252BuSCOEKEc8TdOW%252FRy8syASJY0mB2TK2qh0L7jN%252FmbSfPKQB19yhFtDg8KAFu4eY0QK6vHDyOP0d39MIkKLky8zh2qChJ0fn94XcoRtk2foYjZeLuHk%252BbPH9xBnoazyXbqbTYTup3jV2Q%253D%253D%3B%20geolocation%3Dfalse%3B%20synapse%3Ainit%3Dfalse%3B%20synapse%3Aplatform%3Dweb%3B%20_uetsid%3D97a5f70022f211ef99f0b58a2f99b880%3B%20_uetvid%3D97a63e8022f211ef84e93bfbc2ac0ac7%3B%20_gcl_au%3D1.1.887995713.1717561079%3B%20AWSALBTG%3DNupdSP4%2FU49WRrlWXQ2fZh1yLI%2BekJzNKGOvVPQMsbxhVy2e9HXWwct1js1xGBwlKHONf9ljNakIA0rQwppD166PmjUKTlk4UGr34pWuY4JdsHVU8uym86OhANtD4uQm%2FkrCE%2Ft1GKrXoibvZG7PrAr8R7ifjb%2FgvvOsUabyH8Zy%3B%20AWSALBTGCORS%3DNupdSP4%2FU49WRrlWXQ2fZh1yLI%2BekJzNKGOvVPQMsbxhVy2e9HXWwct1js1xGBwlKHONf9ljNakIA0rQwppD166PmjUKTlk4UGr34pWuY4JdsHVU8uym86OhANtD4uQm%2FkrCE%2Ft1GKrXoibvZG7PrAr8R7ifjb%2FgvvOsUabyH8Zy%3B%20hkp_campaign%3Dhome_page_dweb%252520%3B%20hkp_medium%3Demailer_NC%3B%20hkp_source%3Demailer_NC&ruleData=%7B%22city%22%3A%22New%20Delhi%22%7D&storage=%7B%22session%22%3A%7B%7D%2C%22local%22%3A%7B%7D%7D&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:4e00:1e:6c7e:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f3af7fc46ed6c6bf15919507a7cfb7561518075efd81e3541911977c754fba48

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Origin: https://www.1mg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 03:34:12 GMT
content-encoding: gzip
via: 1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront), 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2024 10:55:30 GMT
server: nginx
x-amz-cf-pop: FRA60-P10, FRA56-P4
age: 2636
etag: W/"663a08a2-dc60"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200
x-amz-cf-id: _rS22zfV32qx04M8NzXU_5pLvv82-vfoA5qu0oK99Qbh-44GADH1KA==
expires: Wed, 05 Jun 2024 15:34:03 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame E5E5 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvK7yWvW6wAhOHlBGw2lRWGFbq_DodUkiStVzFOcIBMR-dO3FMpDDfgiiW_3QVnCXmGKrUdQkLRKHdEBPeMcnFOX-6zfNFjPf9A0kCwp6X47Mh0BcY3NOUNRxl8sSdPF5qqwj_W-PtfyeVn-CbqXLDF1jycz_0b15KbMqpvEE0ynV4q2SPR8nNjn5iuo42MuChJAyn0k0YJalElhu-Yg5Z3CpDopEXN8Rn3pYyCF83I1POJiOul4qR4Gmpy6Kp4tUHeJ-8JkRpoDtVaO2RoH-c2UkOry7KEfyTpZK-0U5ZqV2Du_o94KDtoQFv6yglNvLyK3_K7N4ReclIuRS5VbbRqNnC6gS_wLjJyCFBjBa3ngWXhAXoB7cNe2lw&sig=Cg0ArKJSzDMOiuPFF7smEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5E5 0
0 38ms
38ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
205 B 16ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1551685799&t=pageview&_s=1&dl=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&ul=de-de&de=UTF-8&dt=Online%20Pharmacy%20India%20%7C%20Buy%20Medicines%20from%20India%27s%20Trusted%20Medicine%20Store%3A%201mg.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAQCACAAI~&jid=556768646&gjid=1370554804&cid=1216773524.1717561079&tid=UA-21820217-6&_gid=629734528.1717561080&_slc=1&gtm=45He4630n71KR9MB8v6472178za200&cd1=5cdca219-f09b-4c4e-8ebe-a037c07f13ec_SiAu1KLe3e_1167_1717561078248&cd4=0&cd7=default&cd20=New%20Delhi&cd33=Applicable%20%7C%20Shown&cd35=Applicable%20%7C%20Shown&cd47=Full&cd60=%22%22&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1366258422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 24ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-21820217-6&cid=1216773524.1717561079&jid=556768646&gjid=1370554804&_gid=629734528.1717561080&npa=1&_u=YCDAiEABBAQCAGAAI~&z=768652474

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1551685799&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&ul=de-de&de=UTF-8&dt=Online%20Pharmacy%20India%20%7C%20Buy%20Medicines%20from%20India%27s%20Trusted%20Medicine%20Store%3A%201mg.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=Page%20Load&_u=YCDACEABBAQCAGAAI~&jid=458094288&gjid=820553194&cid=1216773524.1717561079&tid=UA-21820217-6&_gid=629734528.1717561080&_r=1&gtm=45He4630n71KR9MB8v6472178za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=114852623

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 U4ZFS2QH4VB65A54O43AEQ Show response
d.adroll.com/consent/check/ 496 B
589 B 105ms
32ms Script
application/javascript 2a05:d018:cc3:fe05:1e71:f4c5:d8ff:ac61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/U4ZFS2QH4VB65A54O43AEQ?pv=53648938867.15467&arrfrr=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&_s=f7fcb0bf248e96e1132f5530aaf33317&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:1e71:f4c5:d8ff:ac61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: d382094a8c37174c10313addaecabbc1ce5d4948fbf56a5edfd8b8ae4f83327b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:17:59 GMT
server: nginx/1.22.1
content-length: 496
content-type: application/javascript

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=51601&v=5.24.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=N6k4kV81Y3g0Z3VMb3ZRcjVZUkg2QzNmN1Z4MEpLaEVaZDBZRH...
https://widget.as.criteo.com/event?a=51601&v=5.24.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=N6k4kV81Y3g0Z3VMb3ZRcjVZUkg2QzNmN1Z4MEpLaEVaZDBZRH...

10 KB
5 KB

855ms
270ms

Script
application/x-javascript

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/event?a=51601&v=5.24.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=N6k4kV81Y3g0Z3VMb3ZRcjVZUkg2QzNmN1Z4MEpLaEVaZDBZRHA2MyUyRm14M091WUVkWHFBRmVnaENGMWRmRXBQb254Yll6RGRjQ0FlYkU2dU1LMUVEU2ZidFJNU0hjN2liOGU5TUVzNEgyc3VPaXBBYTRQamp1ZWJNelQ4NlA0OSUyQjA4Z2FZUkFITCUyQlVqRkV5MWM1RXVpS1pFdVElM0QlM0Q&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252F%253Freferrer%253Dsingular_click_id%25253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%2526utm_campaign%253Dhome_page_dweb%252520%2526utm_medium%253Demailer_NC%2526utm_source%253Demailer_NC&ceid=85dfec3a-83fe-42e0-b32e-2389da6c0840&dtycbr=59306

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

5e06009401fc87aacf3d8c2adfa2c1b168fabad313ad68d04a988a99eb83bb28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 7956656
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.as.criteo.com/event?a=51601&v=5.24.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=N6k4kV81Y3g0Z3VMb3ZRcjVZUkg2QzNmN1Z4MEpLaEVaZDBZRHA2MyUyRm14M091WUVkWHFBRmVnaENGMWRmRXBQb254Yll6RGRjQ0FlYkU2dU1LMUVEU2ZidFJNU0hjN2liOGU5TUVzNEgyc3VPaXBBYTRQamp1ZWJNelQ4NlA0OSUyQjA4Z2FZUkFITCUyQlVqRkV5MWM1RXVpS1pFdVElM0QlM0Q&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252F%253Freferrer%253Dsingular_click_id%25253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%2526utm_campaign%253Dhome_page_dweb%252520%2526utm_medium%253Demailer_NC%2526utm_source%253Demailer_NC&ceid=85dfec3a-83fe-42e0-b32e-2389da6c0840&dtycbr=59306
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 8065636
timing-allow-origin: *
content-length: 0
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 22ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-21820217-6&cid=1216773524.1717561079&jid=458094288&gjid=820553194&_gid=629734528.1717561080&npa=1&_u=YCDACEABBAQCAGAAI~&z=503218540

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 37ms
18ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-21820217-6&cid=1216773524.1717561079&jid=556768646&npa=1&_u=YCDAiEABBAQCAGAAI~&z=1587979845

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-21820217-6&cid=1216773524.1717561079&jid=556768646&npa=1&_u=YCDAiEABBAQCAGAAI~&z=1587979845

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
16ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-21820217-6&cid=1216773524.1717561079&jid=458094288&npa=1&_u=YCDACEABBAQCAGAAI~&z=1711526037

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
17ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-21820217-6&cid=1216773524.1717561079&jid=458094288&npa=1&_u=YCDACEABBAQCAGAAI~&z=1711526037

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:17:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 413 KB
83 KB 8ms
8ms Script
text/javascript 2600:9000:2644:cc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:cc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07b09b318c1d52ee134b788ec7834744cb9e6fd4bc19663988534fc29c3e7b1c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: OGpIu_84T3drKaDERUwfgDZMK.anucOX
Content-Encoding: gzip
Via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
Date: Wed, 05 Jun 2024 04:15:54 GMT
Age: 126
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 29 May 2024 19:02:37 GMT
Server: AmazonS3
Etag: W/"5c3eafaf4760f345e170d1d226c98d22"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 9TCbS9qQVSrexM8sc_Fluv6Y0jQ6Em40cr1qOJjfX_bJBtbVLQxwnA==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 7ms
7ms Image
image/png 2600:9000:2644:cc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:cc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Tue, 04 Jun 2024 15:28:29 GMT
Via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
Age: 46171
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: uzbiwTPqJNUQzr0fbMw2NJVn1MFtqVA_kMH-cDTdLoxBtH51HRUYXQ==

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
188 B 104ms
104ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=625948&type=c&tg=&r=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&nv=1&clid=&d=1717561079981

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 88ed5b2dee0803e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 520ms
86ms Script
application/javascript 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=00e24da221b37503a574c2af5a35cfc270

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 04:18:00 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 967342c29ffb251a5b2ba7827c5ff45e
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 00e24da221b37503a574c2af5a35cfc270 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
515 B 1628ms
935ms Script
text/html 184.50.249.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/00e24da221b37503a574c2af5a35cfc270

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.50.249.159 Fortaleza, Brazil, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-50-249-159.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Wed, 05 Jun 2024 04:18:02 GMT
ob-sent-time: 1717561081970
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: c34b21c8483e59bd1d82af3878a9595
Content-Length: 22
Expires: Wed, 05 Jun 2024 04:19:02 GMT

GET
H2 200 register-trigger
measurement-api.criteo.com/ 0
0 147ms
14ms Fetch 2a02:2638:3::19
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://measurement-api.criteo.com/register-trigger?partner_id=51601&uid=d3809c55-a7df-4ad2-a5fc-fa07d2855b15&event_name=Page&islcc=0&amount_local=0&amount_euro=0&client_side_event_id=85dfec3a-83fe-42e0-b32e-2389da6c0840

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/js-integrations/Fullstory.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:00 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"12807054782474415108","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"}
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://www.1mg.com
access-control-allow-credentials: true
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E5E5 42 B
65 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstr63hiCReCJpHTfn-aUn81xZxIAdZYIa00a47PsfnD_gyO_8FX_au1lsbeen-u8YvQFqA2l_Y0FyRfqfxqm7MJKW-o303ljubfNLmZ6fBQL8wa1aEHT_Jz9injvQvGdvSs4p9nC5sD7fu6iBvP7Plk7c_2SBKD4pbfzGABexQ4jtc&sig=Cg0ArKJSzMWvNz6IS-DIEAE&id=lidar2&mcvt=1001&p=380,416,800.6875,1184&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240603&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=762095720&rs=4&la=1&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ%3D%3D&vs=4&r=v&co=1349387900&rst=1717561079630&rpt=165&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
511 B 105ms
86ms Ping
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=004921477812833408&referrer=&marketerId=00e24da221b37503a574c2af5a35cfc270&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 04:18:01 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET, POST
Content-Type: image/gif;
Access-Control-Allow-Origin: https://www.1mg.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-TraceId: 8368e2ec90b24e4666fc97924386b5b2
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 54

POST
H2 200 page Show response
rs.fullstory.com/rec/ 1 KB
788 B 234ms
211ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ac885652cc1229cfefa2e72039f82a4e46b31c99bce56ced32a72b6e403a718a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Jun 2024 04:18:01 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.1mg.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 314ms
314ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Wed, 05 Jun 2024 04:18:01 GMT
vary: Origin

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 13 KB
13 KB 118ms
118ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=11EGJ5
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: fc277dc3f55597c0a3c5001363166d58aea4103cd2adafde32773472bc7a4728

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:01 GMT
via: 1.1 google
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ Frame E5E5 273 KB
0 0ms
0ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Origin: https://www.1mg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:16:40 GMT
content-encoding: br
age: 79
x-guploader-uploadid: ABPtcPqsLDCWGubauD4s3FWAz8vCjcMB9Z88-VlMyhMzr8UJgUQrYMn7VHsciwRLuqZbJnHyb7Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75399
last-modified: Mon, 03 Jun 2024 19:13:28 GMT
server: UploadServer
etag: "9518bfdd8ce5a4d07426912e49eab44e"
vary: Accept-Encoding
x-goog-generation: 1717442008056727
x-goog-hash: crc32c=iqU1ow==, md5=lRi/3YzlpNB0JpEuSeq0Tg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 75399
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 05 Jun 2024 05:16:40 GMT

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v4/ 43 KB
12 KB 17ms
7ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v4/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=11EGJ5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b604f1e389d668b8535edb53e650780275dfa02e874ecc98c8f72c38662799f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:01:47 GMT
content-encoding: gzip
age: 974
x-guploader-uploadid: ABPtcPoDKYLhGE2CHnKqFIYbFJv9vETtx5-xPid95AiAe-PWfZP7bexu8VHeaX5ZoU1LpKwdQIqIsnIWgw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11986
last-modified: Fri, 10 May 2024 14:58:37 GMT
server: UploadServer
etag: "182b49f0262c0a0e6504cd3dfd20a137"
x-goog-generation: 1715353117275502
x-goog-hash: crc32c=cN3mUA==, md5=GCtJ8CYsCg5lBM09/SChNw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11986
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 05 Jun 2024 05:01:47 GMT

GET
H2 200 ig-membership
asia.creativecdn.com/ Frame 378B 0
0 943ms
318ms Document
text/html 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/ig-membership?ntk=wIrhrfLtP1P6tooDxw_ZvCN3wNF278cBg_q8UqJMqCXpLoZx0KNk8L8WXWcDUOYv7-6vdHLCU8QCn4rksPzcoWcoebYdbqd2T_q76E5VH_c
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/UXVDxjkzyjivJA3pPnzU.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 573
content-type: text/html;charset=utf-8
date: Wed, 05 Jun 2024 04:18:02 GMT Wed, 05 Jun 2024 04:18:02 GMT
expires: Thu, 06 Jun 2024 04:18:02 GMT
vary: Accept-Encoding

GET
H2 200 topics-membership
asia.creativecdn.com/ Frame 378C 0
0 939ms
317ms Document
text/html 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/topics-membership?ntk=XO60xwt55n_WcjicvjUSHmfN7JzwYJn8HtIvIEnJ9NPafZVfTZutPSih_iH0n4V5IBelMRH6bwSuuFxQxE97_A57a5cGgjowvSwRJjb9yRY
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/UXVDxjkzyjivJA3pPnzU.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 488
content-type: text/html;charset=utf-8
date: Wed, 05 Jun 2024 04:18:02 GMT Wed, 05 Jun 2024 04:18:02 GMT
expires: Thu, 06 Jun 2024 04:18:02 GMT
vary: Accept-Encoding

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=315&code=o6Nods45d3Di3CFX6rrHYlgIeZhzM553fIEutWuiHfg
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3Do6Nods45d3Di3CFX6rrHYlgIeZhzM553fIEutWuiHfg

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3Do6Nods45d3Di3CFX6rrHYlgIeZhzM553fIEutWuiHfg

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:01 GMT
an-x-request-uuid: 44d831eb-2759-4e6d-9338-4b42b4e38430
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.74; 45.141.152.74; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:01 GMT
an-x-request-uuid: 33f5259b-fbb5-4f70-96e4-1a3b8cac64d1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D315%26code%3Do6Nods45d3Di3CFX6rrHYlgIeZhzM553fIEutWuiHfg
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.74; 45.141.152.74; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 22ms
22ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35f63d40c13fd9bc071345d62d052b2c613b12ca776b8e24ceb866ddbff1a6fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12722
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 4E99 87 KB
31 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: cdn.notifyvisitors.com
URL: https://cdn.notifyvisitors.com/ext/js/nv-banner-upl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:58:52 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B576 170 B
409 B 59ms
17ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ZKOINCjMt43DTq9-K6gvGUoezknEK3HEaWnuWA&google_cm&google_hm=ay1aS09JTkNqTXQ0M0RUcTktSzZndkdVb2V6a25FSzNIRWFXbnVXQQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B576 43 B
235 B 59ms
15ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nvCsESjMt43DTq9-K6gvGUoezkm5PgYbIGg-_A&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 04:18:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B576
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3941302050542172321

43 B
370 B

15ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3941302050542172321

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1231945
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:02 GMT
an-x-request-uuid: 3dcdae2e-d978-48a5-86ea-88910ffa3544
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3941302050542172321
x-proxy-origin: 45.141.152.74; 45.141.152.74; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame B576 43 B
163 B 70ms
15ms Image
image/gif 89.149.192.201
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-s8IYpyjMt43DTq9-K6gvGUoezklINNMaWwSO6Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.201 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:02 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B576 0
99 B 73ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-31EmrijMt43DTq9-K6gvGUoezkk42gDNeBW2qQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12875

GET
H2

200

RX-59d30fa0-8074-4caf-98a5-5a7b5c2e85d0-003
sync.targeting.unrulymedia.com/csync/ Frame B576
Redirect Chain

https://sync.1rx.io/usersync/criteodsp/k-HlgfNCjMt43DTq9-K6gvGUoezkknqIR3Zh4J4w
https://sync.1rx.io/usersync/criteodsp/k-HlgfNCjMt43DTq9-K6gvGUoezkknqIR3Zh4J4w?zcc=1&cb=1717561082963
https://sync.targeting.unrulymedia.com/csync/RX-59d30fa0-8074-4caf-98a5-5a7b5c2e85d0-003

43 B
378 B

57ms
15ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-59d30fa0-8074-4caf-98a5-5a7b5c2e85d0-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 04:18:03 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-59d30fa0-8074-4caf-98a5-5a7b5c2e85d0-003
pragma: no-cache
date: Wed, 05 Jun 2024 04:18:02 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2 200 pixel
cm.adform.net/ Frame B576 43 B
163 B 107ms
28ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-FX7ncyjMt43DTq9-K6gvGUoezkm8i4grrmvNdQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:03 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame B576 49 B
342 B 75ms
21ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Ota_ayjMt43DTq9-K6gvGUoezkminIo_ValRaA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:02 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame B576
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-tloQnijMt43DTq9-K6gvGUoezkllhlyVL75OGw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-tloQnijMt43DTq9-K6gvGUoezkllhlyVL75OGw&C=1

43 B
325 B

22ms
21ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-tloQnijMt43DTq9-K6gvGUoezkllhlyVL75OGw&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddcO3bxU%2FiCpR2lAWsZf4%2FiYyEJbwdbaVraNziI8vEhGCp3HCLBS3xNmJnN37YR8XOCVfAmeupM%2BIjbTPvrihQJ407vA66cn8WAPMlsiq6T0uJdZc04OOZ4RA9wdD%2Fbr7I5Y"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 88ed5b40af519019-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xn%2FdpT68%2B9UEJT%2FJFKgA3L%2B8v5pfg52%2FngZBVhRjf2qSny0%2FKKNk27AEUzsCElY9v6DGarTFTCeBzeog%2FTRfU24rpAGCxcKp62Fjf358%2Bn1Wy26OlNrcvPS0aOQl6RjLTR7Z"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-tloQnijMt43DTq9-K6gvGUoezkllhlyVL75OGw&C=1
cache-control: no-cache
cf-ray: 88ed5b407f389019-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame B576
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=m9XJpVCBHsomUoNef0hXqsMLqxC7R1LF
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=m9XJpVCBHsomUoNef0hXqsMLqxC7R1LF

42 B
716 B

34ms
34ms

Image
image/gif

54.72.172.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=m9XJpVCBHsomUoNef0hXqsMLqxC7R1LF

Protocol

Server

54.72.172.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-172-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v061-0e44f6642.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Wed, 05 Jun 2024 04:18:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: VnWM5heaSZ4=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v061-0039776d2.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Wed, 05 Jun 2024 04:18:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: xA29QWOWSxM=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=m9XJpVCBHsomUoNef0hXqsMLqxC7R1LF
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame B576 43 B
1 KB 34ms
8ms Image
image/gif 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-QQ1ifCjMt43DTq9-K6gvGUoezkn7EsxmzVDgLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 05 Jun 2024 04:18:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame B576 43 B
199 B 122ms
31ms Image
image/gif 18.202.102.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-5onqmCjMt43DTq9-K6gvGUoezkmhaeyDodoF-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.202.102.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-102-64.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 05 Jun 2024 04:18:03 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame B576 42 B
274 B 39ms
16ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-VIEBiCjMt43DTq9-K6gvGUoezkmX369TF92HxQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:02 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 cksync.php
contextual.media.net/ Frame B576 57 B
813 B 1120ms
387ms Image
image/gif 23.37.12.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-HoLHsijMt43DTq9-K6gvGUoezkliWy9MkxEeeA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.12.27 Fortaleza, Brazil, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-12-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 05 Jun 2024 04:18:04 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Wed, 05 Jun 2024 04:18:04 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame B576 0
883 B 35ms
9ms Image
text/html 18.159.17.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-BCWxqSjMt43DTq9-K6gvGUoezkk4IYAI2qqGZw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.17.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-17-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:03 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame B576 43 B
423 B 123ms
32ms Image
image/gif 54.171.168.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-0T9WxSjMt43DTq9-K6gvGUoezklm0oKu8L4EZQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.168.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-168-223.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:03 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame B576 0
218 B 340ms
85ms Image
text/plain 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-oEXKuCjMt43DTq9-K6gvGUoezkm_EIWAC4rgBQ&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 04:18:03 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 17303e2af3bcf3690159355e956049b4
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B576 0
225 B 79ms
22ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-8MNs6SjMt43DTq9-K6gvGUoezkngzK9cAMfCuA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html; charset=utf-8
date: Wed, 05 Jun 2024 04:18:03 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame B576 0
239 B 73ms
8ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-CDQpEyjMt43DTq9-K6gvGUoezkmpNoNWj1Xs5g&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: ef823186f233724f4775c0c4b9549d14
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame B576 0
35 B 53ms
22ms Image
text/plain 52.57.182.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-hJi1AijMt43DTq9-K6gvGUoezkkQP-xQ18c93g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.182.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-182-118.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:03 GMT

GET
H2 200 um
criteo-sync.teads.tv/ Frame B576 23 B
163 B 1561ms
505ms Image
image/gif 23.37.13.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-17Z8JCjMt43DTq9-K6gvGUoezklsh8BDSyx6bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.13.101 Fortaleza, Brazil, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-13-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 05 Jun 2024 04:18:04 GMT
pragma: no-cache
date: Wed, 05 Jun 2024 04:18:04 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.1
content-length: 23
content-type: image/gif

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame B576 43 B
399 B 299ms
93ms Image
image/gif 2600:1f18:612b:4264:551d:13a8:79ea:bf3e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-PO78BCjMt43DTq9-K6gvGUoezklLRUY17U0iaw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:551d:13a8:79ea:bf3e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 05 Jun 2024 04:18:03 GMT
server: nginx
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame B576 37 B
140 B 33ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Gr25LyjMt43DTq9-K6gvGUoezknjGzGGFx2Wew&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame B576 43 B
153 B 70ms
25ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-G1dbSyjMt43DTq9-K6gvGUoezkmb10s7svYhdg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 05 Jun 2024 04:18:03 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame B576 0
38 B 131ms
31ms Image
text/plain 52.209.221.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-aCp0WCjMt43DTq9-K6gvGUoezklJGdwXKwPxjA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.221.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-221-228.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:03 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame B576 0
44 B 32ms
6ms Image
text/plain 52.57.190.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-dvYfiyjMt43DTq9-K6gvGUoezkluEQbLPfX4Vg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.190.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-190-200.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:03 GMT
server: awselb/2.0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame B576
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10015&cid=k-FX7ncyjMt43DTq9-K6gvGUoezkm8i4grrmvNdQ
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-FX7ncyjMt43DTq9-K6gvGUoezkm8i4grrmvNdQ

35 B
600 B

28ms
28ms

Image
image/gif

37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-FX7ncyjMt43DTq9-K6gvGUoezkm8i4grrmvNdQ

Protocol

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-FX7ncyjMt43DTq9-K6gvGUoezkm8i4grrmvNdQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

POST
H2 204 rum Show response
www.1mg.com/cdn-cgi/ 0
168 B 16ms
15ms XHR
text/plain 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 05 Jun 2024 04:18:02 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.1mg.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 88ed5b406b434d32-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 04:18:02 GMT

GET
H2 200 setuid
ib.adnxs.com/ Frame B576 43 B
1 KB 56ms
55ms Image
image/gif 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-p2RXWijMt43DTq9-K6gvGUoezknjZFtjWOn8Uw

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 04:18:03 GMT
an-x-request-uuid: 17e54936-8bf5-447c-84c2-4ba389640a24
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.74; 45.141.152.74; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 faviconRebrand.ico
www.1mg.com/ 1 KB
2 KB 422ms
422ms Other
image/x-icon 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/faviconRebrand.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d694147f8b54ab72180558ee885ebb6be3f08bdf839d9da2a894534892375ef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://cont-sites.bajajfinserv.in/ https://www.bajajfinserv.in/ https://www.1mg.com/ https://chatbot.tatadigital.com/ https://www.tatadigital.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:03 GMT
content-security-policy: frame-ancestors https://cont-sites.bajajfinserv.in/ https://www.bajajfinserv.in/ https://www.1mg.com/ https://chatbot.tatadigital.com/ https://www.tatadigital.com/
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload;
last-modified: Thu, 30 May 2024 14:39:12 GMT
server: cloudflare
cf-cache-status: BYPASS
etag: W/"537-18fc9f0ca80"
vary: Accept-Encoding
visitor-id: 5cdca219-f09b-4c4e-8ebe-a037c07f13ec_SiAu1KLe3e_1167_1717561078248
content-type: image/x-icon
cache-control: public, max-age=0
x-visitor-id: 5cdca219-f09b-4c4e-8ebe-a037c07f13ec_SiAu1KLe3e_1167_1717561078248
cf-ray: 88ed5b40bbb84d32-FRA

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CFE8 0
0 25ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 35822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jun 2024 18:21:01 GMT
expires: Wed, 04 Jun 2025 18:21:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 updateViews Show response
www.notifyvisitors.com/user/notifications_v2/ 154 B
481 B 147ms
147ms Script
text/html 2600:9000:2359:2800:14:81fb:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notifyvisitors.com/user/notifications_v2/updateViews?brandid=2023&notificationid=13453&pageUrl=https%3A%2F%2Fwww.1mg.com%2F%3Freferrer%3Dsingular_click_id%253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%26utm_campaign%3Dhome_page_dweb%2520%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&cookieData=%20_nv_sess%3D173339004.1717561079.JDYElUFvhaYoPXu86YaTFJ7iO6cCfW4rY4Qmtll3uDIEeZOOqJ%3B%20_nv_uid%3D173339004.1717561079.42f81233-eb33-4f6c-9860-d6ad3d0237df.1717561079.1717561079.1.0%3B%20_nv_utm%3D173339004.1717561079.1.1.dXRtc3JjPWVtYWlsZXJfTkN8dXRtY2NuPWhvbWVfcGFnZV9kd2ViK3x1dG1jbWQ9ZW1haWxlcl9OQ3x1dG1jdHI9KG5vdCBzZXQpfHV0bWNjdD0obm90IHNldCl8Z2NsaWQ9KG5vdCBzZXQp%3B%20_nv_did%3D173339004.1717561079.2001%3Aac8%3A20%3A3d00%3A1011%3A6799%3A5dbf%3A5e9b0xydx%3B%20_nv_hit%3D173339004.1717561079.cHZpZXc9MQ%3D%3D%3B%20_nv_banner_x%3D13453&js_callback=nvbanner_json1

Requested by

Host: cdn.notifyvisitors.com
URL: https://cdn.notifyvisitors.com/ext/js/nv-banner-upl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:2800:14:81fb:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8227ffc52bfabfd8a38a60e0f82571f68461fbd8f2a87a0f76f0b298cb520730

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:03 GMT
content-encoding: gzip
via: 1.1 f1b6636265d2ca44d8a0ca5488a5ec0c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P10
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-amz-cf-id: zDxNBL-pcre_1pWRAOtvXDVvezArsDPjw4NuATw8V8BNUivkF7KiyA==
x-xss-protection: 1; mode=block

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ Frame 4E99 273 KB
0 0ms
0ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Origin: https://www.1mg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:16:40 GMT
content-encoding: br
age: 79
x-guploader-uploadid: ABPtcPqsLDCWGubauD4s3FWAz8vCjcMB9Z88-VlMyhMzr8UJgUQrYMn7VHsciwRLuqZbJnHyb7Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75399
last-modified: Mon, 03 Jun 2024 19:13:28 GMT
server: UploadServer
etag: "9518bfdd8ce5a4d07426912e49eab44e"
vary: Accept-Encoding
x-goog-generation: 1717442008056727
x-goog-hash: crc32c=iqU1ow==, md5=lRi/3YzlpNB0JpEuSeq0Tg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 75399
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 05 Jun 2024 05:16:40 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ Frame DC8C 273 KB
0 0ms
0ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Origin: https://www.1mg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:16:40 GMT
content-encoding: br
age: 79
x-guploader-uploadid: ABPtcPqsLDCWGubauD4s3FWAz8vCjcMB9Z88-VlMyhMzr8UJgUQrYMn7VHsciwRLuqZbJnHyb7Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75399
last-modified: Mon, 03 Jun 2024 19:13:28 GMT
server: UploadServer
etag: "9518bfdd8ce5a4d07426912e49eab44e"
vary: Accept-Encoding
x-goog-generation: 1717442008056727
x-goog-hash: crc32c=iqU1ow==, md5=lRi/3YzlpNB0JpEuSeq0Tg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 75399
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 05 Jun 2024 05:16:40 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 197ms
188ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=11EGJ5&UserId=5460605141331968&SessionId=2250193340405793336&PageId=3717581901141227870&Seq=1&ClientTime=1717561084060&PageStart=1717561081334&PrevBundleTime=0&LastActivity=765&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d275d6bb9c6a52cb8a308721e547723d6e47ec38fc8a483e91494a52ba92b3ca

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.1mg.com
date: Wed, 05 Jun 2024 04:18:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H3 200 6e69b9f0-bc77-465b-8877-95784219853d_1715928287.png
onemg.gumlet.io/ 96 KB
96 KB 10ms
10ms Image
application/x-www-form-urlencoded 2600:9000:223f:8c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/6e69b9f0-bc77-465b-8877-95784219853d_1715928287.png?w=1067&h=250&format=auto

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:223f:8c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef76f5b1477899678208a85ad3654ceeae2c76d4dd935cddf53ac77daddd772e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.1mg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 May 2024 08:26:00 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 66471498e870f9ca71bdff4f
age: 1626723
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.037
alt-svc: h3=":443"; ma=86400
content-length: 97884
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: onemg.gumlet.io 2024-05-17
etag: "sevjh4h9qmf0"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: application/x-www-form-urlencoded
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: Origin
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Kb5vOoVwIFiXwmXBNUK-m-f0sly6wBpEH2xFRxRdLEbefkAZSUT11g==

POST
H2 200 track Show response
rudderapi.1mg.com/v1/ 2 B
79 B 192ms
192ms XHR
text/plain 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/track
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
AnonymousId: MmI4OTIyOTgtYzc4OS00ZDUyLWI4MWYtNGJiOTYzZDVjZTUx
Content-Type: application/json
Referer: https://www.1mg.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 04:18:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.1mg.com
access-control-allow-credentials: true
cf-ray: 88ed5b4f2f6f2bdf-FRA
content-length: 2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405300101&jk=3499300706681407&bg=!7u2l7aLNAAbEf60J5H87ADQBe5WfOBH9qcu3-wGCwSaE0a0BvZIsVFLxNrq9Hw41LVvxfzn3QqIJ2lmROo157hCWEho4AgAAAE1SAAAABGgBB34ANcmKf1IZtUTXRmtT6XSa5cnzxVPuCUBXoiIyBou3DVM_Cn06Vu2OT7L6JQpUAmd_UeiHsi2cmQKh9qW3Yfx3TMwmPE7aVyeeqwIMHqTHOJUYQhcUsFfNnKWUwzKTNobBQbLlFEbFHRK9Lo3akJwAoh-LrEN0XRorsTvuUzSAEVDOdYKNsJ5FE9AU8hUGAQ3HAdeGzsH49ni0TVEgtvGmKgeY-6-rhvJ1lWQf42GfpkZO0HTlfcAPrQ140MZADClcyPIpZE4sa3IAcqOFDpPSIXqoZOm43Lq_ujA-u7lqLA3TE-xQ834FoneboDmvpfHSDX3wbM7lmwhzDGqpfXekViuBRu7cKC2RjLrPrIBdabEkfvbXR6eLg5z6D759WfnHPaVt70wB7W6Sh66TaOUaKIYbAsVCy837HhyhCcKwo_fRQ6xYMB0xhGhS4M3KQoIDjvVul-Quv_TK7pq2zoWhEf9I-TYsaBNyyatxazHNHnFJWAkHxyY7rRZwt5G_1Je-sql80tNMgAqVs2PGrW7kSCfKyLQPD4V8iVerLlzfll-cuRMn9_Cez6GW6RFlWt8MCbOwx9NVjUa8b-KZbQFh-axja4-PkU5g2kM6zV_GsapL154_8sD4e6-fW2rZqCMfduZWbqRpyU7DkSyh20fL3ZoFWT2ISBqRpXqtsw2Mm8uDtalZ_xXNGVkBXUOxE4ClLkvgMJ5rWOhGkg9uBx1FzJaMoLbHgdwTN2uy5c5rBbiusy0fZGG3YrT2VQOiIfMHzTpkH-eG3sNZ8NZDZScaniojoLdIn5PQib5W1KjXsda60_a9d6f3SmmjfwszLUtDO3MsGInjMJx62ZtERuQzOwGLJ7ogK7pbJi4aMZSCOREzywL27YQWcGdMp5XjFxh6uz58_9f8klPOQesjS8a-UIu1WT4PyF8BRjUWKUTyk4Blj6aWUP3dBO9oSCjNtzd2ysa1c47W0TS0QA

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1mg.com/	1970-01-21 06:42:01	Name: VISITOR-ID Value: 5cdca219-f09b-4c4e-8ebe-a037c07f13ec_SiAu1KLe3e_1167_1717561078248
www.1mg.com/	1970-01-20 21:49:13	Name: city Value: New%20Delhi
www.1mg.com/	1970-01-21 06:42:01	Name: abVisitorId Value: 321512
www.1mg.com/	1970-01-21 06:42:01	Name: abExperimentShow Value: false
www.1mg.com/	1970-01-20 21:06:02	Name: amoSessionId Value: b28e0bed-d68a-4523-8b92-1a98af307855
www.1mg.com/	1969-12-31 23:59:59	Name: _csrf Value: h3annzIs4KvhIHV9vlkSP9OO
www.1mg.com/	1969-12-31 23:59:59	Name: isLocaleRedirect Value: false
www.1mg.com/	1969-12-31 23:59:59	Name: isLocaleUIChange Value: false
.1mg.com/	1970-01-21 05:51:37	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX19ZLP1F7pOxZTbekgeMI%2F%2FFwG6uUrmwvkY%3D
.1mg.com/	1970-01-21 05:51:37	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX1%2Brht43gKmjyixrkCPd2S1P9DfLYTNzHFw%3D
.1mg.com/	1970-01-21 05:51:37	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX18qigbwF4akUceOnnbswA5aKPQk%2FvL5VBk%3D
.1mg.com/	1970-01-21 05:51:37	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX18%2B8Bv5D3yWmxyKZQYBGVbUJE0cxyk53l4%3D
.1mg.com/	1970-01-21 05:51:37	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX1%2FZgeHE7UtGxhKW%2FtCr%2BorPdv%2FmTi0HBFphMdjdS3glFjfeQ8WolnrIhsGJ3VnTBFOo5EzFd1TlAw%3D%3D
.1mg.com/	1970-01-21 05:51:37	Name: rl_page_init_referrer Value: RudderEncrypt%3AU2FsdGVkX18jjQMbVvTE5s3U4aBdyCDnTu2TAUhL%2F2E%3D
.1mg.com/	1970-01-21 05:51:37	Name: rl_page_init_referring_domain Value: RudderEncrypt%3AU2FsdGVkX1%2FDbaK0Z3d7btBqcmQfYq5y6HfxlRuDDNs%3D
.1mg.com/	1970-01-20 23:15:37	Name: _fbp Value: fb.1.1717561078840.503336058341010459
www.1mg.com/	1970-01-20 21:49:13	Name: geolocation Value: false
www.1mg.com/	1969-12-31 23:59:59	Name: synapse:init Value: false
www.1mg.com/	1969-12-31 23:59:59	Name: synapse:platform Value: web
www.1mg.com/	1970-01-20 21:08:25	Name: session Value: wYvt2v472PvXXx4VdRMrug.-XuRmc964liQaTX5EimFbIk_gjBe8anW7La_2ADq8_h4GeZyyIUQ07TRlvFDimNntcVTBcN42DKwLHt7qfl4pedCYQTeJKWIOLxRAsAAgMtJIHMQ6-h5W6OxYI-qrrnlJCmaARfuye15Tg4a4BkM5g.1717561079165.144000000.nRIDS4DXOF0kl6a8nKOCDWNyL_8b4S8IsEBC_LZLoCM
.mgid.com/	1970-01-20 21:06:02	Name: __cf_bm Value: WHdOqitkCnFVF5gG1waqms7gXHCQfkL_qlVHSvdFSLo-1717561079-1.0.1.1-6_GEsSQ6gkNaehAeXF5KbIBoDwm3m7KID0GbIzh9gABvOOIwa6dDCHCGIRWWdV4gCntlOyCcZXbxsHDrxWivgg
.1mg.com/	1970-01-20 21:07:27	Name: _uetsid Value: 97a5f70022f211ef99f0b58a2f99b880
.1mg.com/	1970-01-21 06:27:37	Name: _uetvid Value: 97a63e8022f211ef84e93bfbc2ac0ac7
.1mg.com/	1970-01-20 23:15:37	Name: _gcl_au Value: 1.1.887995713.1717561079
.bing.com/	1970-01-21 06:27:37	Name: MUID Value: 251AAB9F67866D301CA1BF0A66546CB4
www.1mg.com/	1970-01-20 21:49:13	Name: hkp_campaign Value: home_page_dweb%2520
www.1mg.com/	1970-01-20 21:49:13	Name: hkp_medium Value: emailer_NC
www.1mg.com/	1970-01-20 21:49:13	Name: hkp_source Value: emailer_NC
.1mg.com/	1970-01-20 23:15:37	Name: MgidSensorNVis Value: 1
.1mg.com/	1970-01-20 23:15:37	Name: MgidSensorHref Value: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC
www.1mg.com/	1970-01-21 05:51:44	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22jQ7o2TSSVITLkvak7HKN%22%7D
.1mg.com/	1970-01-21 06:42:01	Name: _ga_1HF6RR2VT7 Value: GS1.1.1717561079.1.0.1717561079.0.0.0
.1mg.com/	1970-01-21 06:42:01	Name: _ga_NPGHGVF7FB Value: GS1.1.1717561079.1.0.1717561079.60.0.0
.notifyvisitors.com/	1970-01-21 06:42:01	Name: nv_userdevice Value: 2001%3Aac8%3A20%3A3d00%3A1011%3A6799%3A5dbf%3A5e9b0xydx
.1mg.com/	1970-01-21 05:51:37	Name: singular_device_id Value: 2ec7cefd-8858-4bf2-8eaf-f8383bf3cfea
.1mg.com/	1970-01-20 21:06:02	Name: _nv_sess Value: 173339004.1717561079.JDYElUFvhaYoPXu86YaTFJ7iO6cCfW4rY4Qmtll3uDIEeZOOqJ
.1mg.com/	1970-01-21 06:42:01	Name: _nv_uid Value: 173339004.1717561079.42f81233-eb33-4f6c-9860-d6ad3d0237df.1717561079.1717561079.1.0
.1mg.com/	1970-01-21 01:28:49	Name: _nv_utm Value: 173339004.1717561079.1.1.dXRtc3JjPWVtYWlsZXJfTkN8dXRtY2NuPWhvbWVfcGFnZV9kd2ViK3x1dG1jbWQ9ZW1haWxlcl9OQ3x1dG1jdHI9KG5vdCBzZXQpfHV0bWNjdD0obm90IHNldCl8Z2NsaWQ9KG5vdCBzZXQp
.1mg.com/	1970-01-21 06:42:01	Name: _nv_did Value: 173339004.1717561079.2001:ac8:20:3d00:1011:6799:5dbf:5e9b0xydx
.criteo.com/	1970-01-21 06:27:37	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 06:27:37	Name: uid Value: d3809c55-a7df-4ad2-a5fc-fa07d2855b15
.1mg.com/	1970-01-20 21:06:04	Name: AMP_TOKEN Value: %24NOT_FOUND
.1mg.com/	1970-01-21 06:42:01	Name: _ga Value: GA1.2.1216773524.1717561079
.1mg.com/	1970-01-20 21:07:27	Name: _gid Value: GA1.2.629734528.1717561080
.1mg.com/	1970-01-20 21:06:01	Name: _dc_gtm_UA-21820217-6 Value: 1
.1mg.com/	1970-01-20 21:06:01	Name: _gat_UA-21820217-6 Value: 1
.1mg.com/	1970-01-21 06:35:25	Name: cto_bundle Value: N6k4kV81Y3g0Z3VMb3ZRcjVZUkg2QzNmN1Z4MEpLaEVaZDBZRHA2MyUyRm14M091WUVkWHFBRmVnaENGMWRmRXBQb254Yll6RGRjQ0FlYkU2dU1LMUVEU2ZidFJNU0hjN2liOGU5TUVzNEgyc3VPaXBBYTRQamp1ZWJNelQ4NlA0OSUyQjA4Z2FZUkFITCUyQlVqRkV5MWM1RXVpS1pFdVElM0QlM0Q
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.creativecdn.com/	1970-01-21 05:51:37	Name: g Value: HULOD2fhWMxctgNmbMBX_1717561081142
.creativecdn.com/	1970-01-21 05:51:37	Name: c Value: HULOD2fhWMxctgNmbMBX_UXVDxjkzyjivJA3pPnzU_1717561081142
.creativecdn.com/	1970-01-21 05:51:37	Name: ts Value: 1717561081
.1mg.com/	1970-01-21 05:51:37	Name: fs_uid Value: #11EGJ5#5460605141331968:2250193340405793336:::#/1749097080
www.1mg.com/	1970-01-20 21:06:01	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1717561081541%7D
.creativecdn.com/	1970-01-21 05:51:37	Name: ar_debug Value: 1
.creativecdn.com/	1970-01-21 01:25:13	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:15:37	Name: XANDR_PANID Value: O8kvkpRgY8-vEbieMpvWRtqXNpXVSIFLYu2uF8tFnCkSR3B928PidLl0eQAyYHMcW33WhWWs0Sm7jZgkOwKeatjNLhbJnIgU78gcF6bYJf4.
.adnxs.com/	1970-01-21 06:42:01	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:15:37	Name: uuid2 Value: 3941302050542172321
www.1mg.com/	1970-01-20 21:07:11	Name: shw_13453 Value: 1
.criteo.com/	1970-01-21 06:27:37	Name: cto_bundle Value: YQeJ1l9JTmRHVSUyQmlOVnI0QTNBRXRaSTZ4dDZRVTlXc1klMkZaajB5aWFtZm1QWUo3S05uOEFZUmVNSTZyRVZ2Z0VDTjN1YQ
.casalemedia.com/	1970-01-21 05:51:37	Name: CMID Value: Zl-m.lVbLW4AAEHjALF6YgAA
.casalemedia.com/	1970-01-20 23:15:37	Name: CMPS Value: 5196
.casalemedia.com/	1970-01-20 23:15:37	Name: CMPRO Value: 5196
.1rx.io/	1970-01-21 05:51:37	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-59d30fa0-8074-4caf-98a5-5a7b5c2e85d0-003%22%7D
.omnitagjs.com/	1970-01-20 21:49:13	Name: ayl_visitor Value: 3af294ec87f1c7b1820ac3383374c9f7
exchange.mediavine.com/	1970-01-20 21:26:10	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2299d72ae0-22f2-11ef-83ba-19b6bbd2caab%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:26:10	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2299d72ae0-22f2-11ef-83ba-19b6bbd2caab%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:26:10	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2299d72ae0-22f2-11ef-83ba-19b6bbd2caab%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:26:10	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2299d72ae0-22f2-11ef-83ba-19b6bbd2caab%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:26:10	Name: criteo Value: %7B%22id%22%3A%22k-BCWxqSjMt43DTq9-K6gvGUoezkk4IYAI2qqGZw%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-20 23:15:37	Name: anj Value: dTM7k!M40dWIy(ghqdmU(7TQr2Op/#?nHzNW9TfRh0MLZLmoREv)T+eCvL5ea-a!hBJ8.::E<`6Y-0:?(RFNZTdDMX!#s=nQHveG%B`ehn5mC0Kf+%ekZIYe52XzBD<0_(^BITBDQ1(qRHFq^ZvtowXyeB-^^J%2N_'1b/(V%lZ+pt!=.gLHHXs6>J0ubUz
.targeting.unrulymedia.com/	1970-01-21 05:51:37	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-59d30fa0-8074-4caf-98a5-5a7b5c2e85d0-003%22%7D
.1mg.com/	1970-01-21 01:25:13	Name: _nv_banner_x Value: 13453
.postrelease.com/	1970-01-21 05:51:37	Name: opt_out Value: 1
.demdex.net/	1970-01-21 01:25:13	Name: demdex Value: 21317795305760548123826634813939455011
.dpm.demdex.net/	1970-01-21 01:25:13	Name: dpm Value: 21317795305760548123826634813939455011
.1mg.com/	1970-01-21 01:28:49	Name: _nv_hit Value: 173339004.1717561079.cHZpZXc9MXxidmlldz1bIjEzNDUzIl0=
.adform.net/	1970-01-20 21:49:13	Name: C Value: 1
.adform.net/	1970-01-20 22:32:25	Name: uid Value: 1706863332194062995
.tremorhub.com/	1970-01-21 05:51:57	Name: tvid Value: ae45687d7dcd416386d5e2e34abd8536
.tremorhub.com/	1970-01-20 21:49:13	Name: tv_UICR Value: k-PO78BCjMt43DTq9-K6gvGUoezklLRUY17U0iaw
www.1mg.com/	1970-01-20 21:16:05	Name: AWSALBTG Value: VyPNQ7VEWTAYS3yIdUGe347XVN48OqY/XHFI7V7vbn5Fjvmu4VNdPNc4ijqK9SslpAQkbkmW5SvJgCGXBnvhzyF7i2DTIZubBlsJG9Pd44wjnNLT8Eetx08tHH8VZxL/9JbTPmrf0rtzirp/+nAB5ukg317W4P660MHQAXf6ZFvm
www.1mg.com/	1970-01-20 21:16:05	Name: AWSALBTGCORS Value: VyPNQ7VEWTAYS3yIdUGe347XVN48OqY/XHFI7V7vbn5Fjvmu4VNdPNc4ijqK9SslpAQkbkmW5SvJgCGXBnvhzyF7i2DTIZubBlsJG9Pd44wjnNLT8Eetx08tHH8VZxL/9JbTPmrf0rtzirp/+nAB5ukg317W4P660MHQAXf6ZFvm
.media.net/	1970-01-21 05:51:37	Name: visitor-id Value: 3605626835428242000V10
.media.net/	1970-01-20 21:49:13	Name: data-c-ts Value: 1717561083
.media.net/	1970-01-20 21:49:13	Name: data-c Value: k-HoLHsijMt43DTq9-K6gvGUoezkliWy9MkxEeeA~~3
.1mg.com/	1970-01-21 05:51:37	Name: rl_session Value: RudderEncrypt%3AU2FsdGVkX1%2FFQT0eH%2BIUwwT2bzEyP2MVXEzzqSVxG0RnEPJ%2BFRQJq8SJOYvTB7rbeCraNbG4VRcu7jg%2BDcMOrXY0%2Bh3npsEwPtfGyqAssZlEn7XxLZFb3tc4jdEAzfys0nQXWZXsgCkNxiCJIq%2Bzdw%3D%3D

71 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://sslwidget.criteo.com/event?a=51601&v=5.24.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=N6k4kV81Y3g0Z3VMb3ZRcjVZUkg2QzNmN1Z4MEpLaEVaZDBZRHA2MyUyRm14M091WUVkWHFBRmVnaENGMWRmRXBQb254Yll6RGRjQ0FlYkU2dU1LMUVEU2ZidFJNU0hjN2liOGU5TUVzNEgyc3VPaXBBYTRQamp1ZWJNelQ4NlA0OSUyQjA4Z2FZUkFITCUyQlVqRkV5MWM1RXVpS1pFdVElM0QlM0Q&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252F%253Freferrer%253Dsingular_click_id%25253D8431f89a-8556-47d2-b2c6-8fd9c231caa7%2526utm_campaign%253Dhome_page_dweb%252520%2526utm_medium%253Demailer_NC%2526utm_source%253Demailer_NC&ceid=85dfec3a-83fe-42e0-b32e-2389da6c0840&dtycbr=59306 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1mg.com/?referrer=singular_click_id%3D8431f89a-8556-47d2-b2c6-8fd9c231caa7&utm_campaign=home_page_dweb%20&utm_medium=emailer_NC&utm_source=emailer_NC Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6a5414336da80c268bd0ad7124248bed.safeframe.googlesyndication.com
a.mgid.com
a.twiago.com
accounts.tatadigital.com
ad.360yield.com
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
amplify.outbrain.com
api.rudderstack.com
asia.creativecdn.com
assets.1mg.com
bat.bing.com
c1.adform.net
cdn.notifyvisitors.com
cdn.ravenjs.com
cdn.rudderlabs.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d.adroll.com
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
edge.fullstory.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
jadserve.postrelease.com
ltvsnl2.ltncapp01.com
match.sharethrough.com
matching.ivitrack.com
measurement-api.criteo.com
onemg.gumlet.io
onemg.sng.link
pagead2.googlesyndication.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rs.fullstory.com
rtb-csync.smartadserver.com
rudderapi.1mg.com
s.adroll.com
sdk-api-v1.singular.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
tags.creativecdn.com
tpc.googlesyndication.com
tr.outbrain.com
visitor.omnitagjs.com
wave.outbrain.com
web-sdk-cdn.singular.net
widget.as.criteo.com
www.1mg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.notifyvisitors.com
x.bidswitch.net
accounts.tatadigital.com
pagead2.googlesyndication.com
103.132.192.30
104.18.36.155
104.83.4.122
104.83.4.64
13.225.78.93
13.248.245.213
141.226.228.48
142.250.186.98
162.19.138.119
178.250.1.9
18.159.17.218
18.202.102.64
182.161.74.16
184.50.249.159
185.255.84.153
185.64.191.210
2001:4860:4802:34::36
23.37.12.27
23.37.13.101
2600:1f18:612b:4264:551d:13a8:79ea:bf3e
2600:9000:223e:4e00:1e:6c7e:cb00:93a1
2600:9000:223f:8c00:d:a7d1:b5c0:93a1
2600:9000:2359:2800:14:81fb:1e80:93a1
2600:9000:2644:cc00:6:9280:1080:93a1
2600:9000:275d:3600:16:a497:9700:93a1
2606:4700:10::6814:d632
2606:4700:1::6813:854c
2606:4700::6810:5049
2620:1ec:c11::237
2a00:1450:4001:800::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:812::2001
2a00:1450:4001:813::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c1b::9a
2a02:2638:3::19
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:7100::1720:eec2
2a02:6ea0:c700::19
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::729
2a05:d018:cc3:fe05:1e71:f4c5:d8ff:ac61
34.117.157.22
35.186.194.58
35.201.112.186
35.214.149.91
37.157.3.20
37.157.5.133
37.252.173.215
46.228.174.117
52.209.221.228
52.57.182.118
52.57.190.200
54.171.168.223
54.72.172.22
65.1.226.94
69.173.144.139
70.42.32.31
85.215.5.31
89.149.192.201
00ad6250e247f48ce39134d51bc29b0bb689b59564d6412d2649ad3a2801aa32
00ea35066ac2d3866e2b171191643fd38c03ec5f358237d0e89c13364641732d
02eee1baa62e5dfb787d85763f1b9893f082683a294b44fda6e572aeabca8392
039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f
06737bc48c0d965480e5eb9c32d7b2062b4f580e31d93fe5d3ad7a8e2d7ac107
07b09b318c1d52ee134b788ec7834744cb9e6fd4bc19663988534fc29c3e7b1c
07c1735f7c5a9d4d682a8d8a61baa39f3f05e7963452c22ac5294464a05c4f6f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf
120a4eb7cbf17a401cce3ddaf50b1aa20e4ebf96e8cdb48839a91a4738a49507
16531d6c1e30aca566a4ac3fb156e48989861a070e3bb85f740335c333bb4ab3
18c9ba87f79fa2e3d7147d11b0a1c525969bb4b18c6d97cbfe9cdb9e0176f284
1cfd5dd277a394bbee2f64b2e293db2b0336aa9911223e3a0434d17308a08894
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
229b005e2be041608b705607939624dfc0758f970a29d2c766bc53018c1d9fb4
244a5d764dd071a482ce2ca3d3f6e864b0bc509ffb36f0326c7b9985b6569bdc
2dee4daa0b2fd942361f7a4787834b8e40c476f56c4c2c6ebbf064d43cba1795
2ec9e8acc9f901be8c73a102c7cf326dbd4c3354f12ba46953fbb2a472d49dd2
3153f1854f115ae7533a2e7d13c29ec025978a7c642b8c60b5b60721a898ec13
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35f63d40c13fd9bc071345d62d052b2c613b12ca776b8e24ceb866ddbff1a6fb
387c2c6402caf8fa90bd2c0d15dc315fd6707db795dd35d2aa6056be73af0361
3b604f1e389d668b8535edb53e650780275dfa02e874ecc98c8f72c38662799f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d2c055791d072ed388bb395f90aaebf2425189bbd03942b8f60855ba4f6988
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9bac858acbb3b447b2d63bc6834014aecea6191a95d46d47e3f166fc182bab
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53f43f7a0d0a67ed43aa343d0d3c18acf4df593b608fe5e04b16c1f67af3a65b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55f017283179055aaeb5642ae7bae973299c19504016022e279e9f9d653c2a52
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5d694147f8b54ab72180558ee885ebb6be3f08bdf839d9da2a894534892375ef
5e06009401fc87aacf3d8c2adfa2c1b168fabad313ad68d04a988a99eb83bb28
602358d68544ed2d54986ebd6ae716461cd6d68433e99f2e1ca63d2a284034c3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642f7f1afc83ff364ec3ea2e2a97be46af8507ed361b0f719ef168c89c1f21c2
68b1bfa295429f6c9be793b0daf7ed0dcad6959e42a1ae57e983d206cb366792
6f993153efcc7420f89746666b7ad09cfa914fcd866ca4ed932ecd544b5d4016
70b5da9ec7021d319b0feca1dd271703b35e4769a79693818f485887ee3cf014
748754eccccb46d25fed1dfe75a1b239668c4d6af51fdcdbabcb3fc8de59a95b
7e0b1b7ea0f2f228044e927db965182d8dac1d16ee5791105b7274b571e71411
8227ffc52bfabfd8a38a60e0f82571f68461fbd8f2a87a0f76f0b298cb520730
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87fef9686ea69553a8cc543478bb2eb8f81f2a97ca12c5873211da5bd6369de5
8968952133b3bb3967e6dbb69f8b4b294d5acfa420816ecf3e0da0dd86a131ef
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a49ea5083c8030f058182dcd6ae7da0960e68a0d762f71e8e8375f5732fb2fb
8c2dae0d93380e1cca1ed3cb66cadab9659b6c215b2f9e1381ec5c31d5c3ab2f
913d7e209b69e0165ba3c05335f9f69dc9c9ccdd3ffb69fcd659c7ac86cef79b
94f9e180adb7145ad009a8b42ad69f636e67d6827589ad36c3ae0a92f49f7249
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f
9ed48ac96631b01913a1fd9a137615d166861ba8e8a4ba23f8bb609e178ef7a4
9f33dd00f84462acb293331e7cc6913bd7fa68a04828782c516c3d231fefdf0c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a365e6c3e212e2f61ed61bdbbfb1d617538e2a23aeee47dac97e980083faddc6
a5e810c538d9ac115faaaa527625164da813013d225ad8b3f7bf19a3ccc409f2
a5f20e9b821bed653ca955a4f1a07f3ccb774616234e9b74f1d604c81b7a84a0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac885652cc1229cfefa2e72039f82a4e46b31c99bce56ced32a72b6e403a718a
ad6c2c0fc874ba4ce8e30e31a87d0aa06490ce1a8e0e16b16551c1781815ccc4
ae9c236263cb8e8f25952636acbe3086558d6d6097aec1f57eddf5bdb77f2ad0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22a050d932d3e45a382251c3c3357a2e33f9aa3569ec35f8248d22112f855c7
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b7cc4fb8769e3877813e4a5e3fa911d1c3d44317462752c540ad764a3e643352
b7d268782abc0bf36222d894b73825051c6a6ba9009e2c49417828f2ccfc3559
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bf4084fed3de0377f36385aca1ed62af8daa37cc4756b6a1640e874011824284
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb00a860660974b25947b756849035378feb8893f3699e16d391cabbf8374f2d
cd374bea8f2cce1e9514e9f9a7af6cd7efbb566a5eea5cda53affc1391ada818
cd794281e9928f14810a8a6cb332da93a053661f5e30ed51bc2186237d423650
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d275d6bb9c6a52cb8a308721e547723d6e47ec38fc8a483e91494a52ba92b3ca
d382094a8c37174c10313addaecabbc1ce5d4948fbf56a5edfd8b8ae4f83327b
d3c2f5bfe4c9152aa9466dd2ad3e17eae58c06b47edc68270f1935d1a994068b
d6cf4e7f02d4b0427aeb1e8ecdb04df15e29bf295793410d53baf0083b9441a7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb459f341fe3717372b613db375fc1e2886da52acd6fc8eb06a4228ae60de54
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df89109a4619b412c75d063662f307c519859e8f109030107a157ae1b6827714
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef76f5b1477899678208a85ad3654ceeae2c76d4dd935cddf53ac77daddd772e
f3af7fc46ed6c6bf15919507a7cfb7561518075efd81e3541911977c754fba48
f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9d5b667c6b7e4e03152a7ecb28b091672b7112489fb3b7e1d95e1c76c5206ed
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7
fc277dc3f55597c0a3c5001363166d58aea4103cd2adafde32773472bc7a4728
fd2c4520a3d59da0d21fbe3d009df84ff3e448c28f7c88807fc277038f7ae9ed

www.1mg.com Open in urlscan Pro 2606:4700:10::6814:d632 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

93 %HTTPS

48 %IPv6

54 Domains

78 Subdomains

68 IPs

13 Countries

2654 kBTransfer

8879 kBSize

87 Cookies

2 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.1mg.com Open in urlscan Pro
2606:4700:10::6814:d632 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

93 %
HTTPS

48 %
IPv6

54
Domains

78
Subdomains

68
IPs

13
Countries

2654 kB
Transfer

8879 kB
Size

87
Cookies

155 HTTP transactions
1 data transactions