urlscan.io logo urlscan.io
SecurityTrails logo

start.mybluelight.com Open in urlscan Pro
64.136.53.44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://webmaila.mybluelight.com/
Effective URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Submission: On May 06 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 115 IPs in 13 countries across 114 domains to perform 708 HTTP transactions. The main IP is 64.136.53.44, located in United States and belongs to AS-NETZERO, US. The main domain is start.mybluelight.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 24th 2020. Valid for: a year.
This is the only time start.mybluelight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 64.136.53.59 13446 (AS-NETZERO)
1 25 64.136.53.44 13446 (AS-NETZERO)
3 64.136.45.33 13446 (AS-NETZERO)
1 64.136.44.17 13446 (AS-NETZERO)
2 2a00:1450:400... 15169 (GOOGLE)
3 64.136.53.83 13446 (AS-NETZERO)
12 64.136.44.49 13446 (AS-NETZERO)
20 20 2600:9000:210... 16509 (AMAZON-02)
20 2a04:4e42:1b:... 54113 (FASTLY)
1 64.136.53.30 13446 (AS-NETZERO)
2 151.101.13.108 54113 (FASTLY)
1 46 172.217.23.98 15169 (GOOGLE)
5 65.9.86.127 16509 (AMAZON-02)
3 2a02:2638:1::3 44788 (ASN-CRITE...)
3 8 216.52.2.39 29791 (VOXEL-DOT...)
5 35.157.246.167 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
1 2.21.111.28 16625 (AKAMAI-AS)
1 213.19.162.61 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 14 35.244.159.8 15169 (GOOGLE)
9 21 185.33.221.14 29990 (ASN-APPNEX)
5 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 178.250.2.131 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
21 2.18.234.190 16625 (AKAMAI-AS)
43 2a00:1450:400... 15169 (GOOGLE)
3 65.9.73.58 16509 (AMAZON-02)
1 3 151.101.114.137 54113 (FASTLY)
2 104.16.88.26 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
2 10 52.95.124.165 16509 (AMAZON-02)
1 208.100.17.187 32748 (STEADFAST)
1 13.225.74.107 16509 (AMAZON-02)
3 2.18.232.28 16625 (AKAMAI-AS)
2 104.16.39.14 13335 (CLOUDFLAR...)
16 3.21.99.24 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
5 14 64.202.112.63 22075 (AS-OUTBRAIN)
1 67.202.110.24 32748 (STEADFAST)
1 151.101.1.194 54113 (FASTLY)
2 208.100.17.190 32748 (STEADFAST)
3 151.101.14.132 54113 (FASTLY)
2 18.195.155.181 16509 (AMAZON-02)
3 11 2.18.234.21 16625 (AKAMAI-AS)
14 2.18.233.180 16625 (AKAMAI-AS)
3 3 3.126.56.137 16509 (AMAZON-02)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
6 6 2620:116:800d... 16509 (AMAZON-02)
9 11 37.157.6.252 198622 (ADFORM)
9 13 52.208.69.189 16509 (AMAZON-02)
24 64 142.250.186.162 15169 (GOOGLE)
12 12 52.49.40.147 16509 (AMAZON-02)
22 216.52.2.30 30282 (AS-INAPCD...)
4 4 193.0.160.129 54312 (ROCKETFUEL)
12 12 213.19.147.45 26120 (RHYTHMONE)
1 1 52.21.173.249 14618 (AMAZON-AES)
1 52.45.248.59 14618 (AMAZON-AES)
3 50.31.142.31 23352 (SERVERCEN...)
3 62.113.194.12 47447 (TTM)
10 151.101.14.137 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 72.21.206.140 16509 (AMAZON-02)
1 2 52.18.91.199 16509 (AMAZON-02)
1 52.4.51.239 14618 (AMAZON-AES)
3 169.197.150.7 398989 (DEEPINTENT)
7 7 151.101.114.49 54113 (FASTLY)
3 9 65.9.73.74 16509 (AMAZON-02)
6 2600:1f18:e8a... 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 185.64.189.115 62713 (AS-PUBMATIC)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
40 143.204.98.66 16509 (AMAZON-02)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2 104.111.242.245 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
2 104.111.230.142 16625 (AKAMAI-AS)
3 3 159.65.196.12 14061 (DIGITALOC...)
1 1 81.222.128.216 20597 (ELTEL-AS)
1 1 65.9.73.3 16509 (AMAZON-02)
1 1 2620:119:50e3... 14413 (LINKEDIN)
4 4 51.178.20.139 16276 (OVH)
7 7 213.155.156.181 1299 (TELIANET ...)
1 1 178.162.133.149 60781 (LEASEWEB-...)
1 1 185.86.137.122 201081 (SMARTADSE...)
1 1 3.124.33.142 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
1 34.96.105.8 15169 (GOOGLE)
1 1 172.105.232.22 63949 (LINODE-AP...)
5 8 69.173.144.138 26667 (RUBICONPR...)
1 1 35.212.101.174 15169 (GOOGLE)
2 2 217.66.147.169 29209 (SPBMTS-AS...)
1 1 213.87.44.207 13174 (MTSNET Mo...)
3 4 2001:678:cb4:... 56396 (TURN)
4 4 18.159.187.109 16509 (AMAZON-02)
3 3 34.205.3.24 14618 (AMAZON-AES)
1 1 80.64.106.148 20764 (RASCOM-AS...)
1 174.137.133.49 27257 (WEBAIR-IN...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 178.250.0.163 44788 (ASN-CRITE...)
16 185.64.189.110 62713 (AS-PUBMATIC)
2 2 185.86.137.132 201081 (SMARTADSE...)
6 6 198.148.27.139 19189 (PULSEPOINT)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
1 30 185.64.190.80 62713 (AS-PUBMATIC)
2 72.251.241.196 29791 (VOXEL-DOT...)
1 4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3 77.243.60.138 42697 (NETIC-AS)
3 3 35.201.96.126 15169 (GOOGLE)
2 185.64.189.249 62713 (AS-PUBMATIC)
8 8 185.29.135.234 30419 (MEDIAMATH...)
2 4 2a00:1288:110... 34010 (YAHOO-IRD)
6 185.64.189.114 62713 (AS-PUBMATIC)
9 10 52.58.146.86 16509 (AMAZON-02)
2 2 154.59.122.79 174 (COGENT-174)
5 5 66.155.71.149 13768 (COGECO-PEER1)
2 4 159.253.128.188 36351 (SOFTLAYER)
4 18.204.252.247 14618 (AMAZON-AES)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2 188.165.137.78 16276 (OVH)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 162.55.6.210 24940 (HETZNER-AS)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 151.101.13.44 54113 (FASTLY)
2 2 51.222.80.231 16276 (OVH)
1 3 54.78.254.47 16509 (AMAZON-02)
2 2 34.98.107.212 15169 (GOOGLE)
3 17 34.254.122.11 16509 (AMAZON-02)
4 65.9.73.79 16509 (AMAZON-02)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
2 2 52.48.137.92 16509 (AMAZON-02)
1 2.18.235.93 16625 (AKAMAI-AS)
4 4 185.184.8.30 ()
1 76.223.111.131 16509 (AMAZON-02)
1 1 69.173.144.165 ()
1 1 8.43.72.97 26667 (RUBICONPR...)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
1 1 2001:678:cb4:... 56396 (TURN)
2 2 34.196.207.72 14618 (AMAZON-AES)
1 150.136.26.45 31898 (ORACLE-BM...)
2 2 35.156.217.79 16509 (AMAZON-02)
1 1 202.241.208.55 4694 (IDCF IDC ...)
2 2 3.127.166.11 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
1 38.27.122.126 174 (COGENT-174)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
708 115
1    64.136.53.59 (United States)

ASN13446 (AS-NETZERO, US)
PTR: webmail.vgs.mybluelight.com
webmaila.mybluelight.com
25    64.136.53.44 (United States)

ASN13446 (AS-NETZERO, US)
PTR: start.vgs.mybluelight.com
start.mybluelight.com
3    64.136.45.33 (United States)

ASN13446 (AS-NETZERO, US)
PTR: track.dca.mybluelight.com
track.mybluelight.com
1    64.136.44.17 (United States)

ASN13446 (AS-NETZERO, US)
PTR: feed.dca.untd.com
feed.untd.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    64.136.53.83 (United States)

ASN13446 (AS-NETZERO, US)
PTR: webmail.vgs.netzero.net
webmail.netzero.net
12    64.136.44.49 (United States)

ASN13446 (AS-NETZERO, US)
PTR: content.dca.untd.com
static.uolcontent.com
content.uolstatic.com
20    2600:9000:2104:c600:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
20    2a04:4e42:1b::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
1    64.136.53.30 (United States)

ASN13446 (AS-NETZERO, US)
PTR: track.vgs.untd.com
track.untd.com
2    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
46    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
googleads.g.doubleclick.net
5    65.9.86.127 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
3    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
8    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
5    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    213.19.162.61 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
14    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
uol-d.openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
21    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
ib.adnxs.com
5    2a02:fa8:8806:13::1460 (United States)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
a9da6642da90908de4f1cdce1b3b3aae.safeframe.googlesyndication.com
36    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
21    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
43    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
3    65.9.73.58 (United States)

ASN16509 (AMAZON-02, US)
yummy.consumable.com
3    151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
2    104.16.88.26 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
sc.tynt.com
11    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
10    52.95.124.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    208.100.17.187 (United States)

ASN32748 (STEADFAST, US)
PTR: ip187.208-100-17.static.steadfastdns.net
ic.tynt.com
1    13.225.74.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-107.fra2.r.cloudfront.net
static.traversedlp.com
3    2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
tcheck.outbrainimg.com
2    104.16.39.14 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-sic.33across.com
16    3.21.99.24 (Columbus, United States)

ASN16509 (AMAZON-02, US)
capi.connatix.com
8    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
b1sync.zemanta.com
sync.outbrain.com
1    67.202.110.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-110.static.steadfastdns.net
sic.33across.com
1    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
clarium.global.ssl.fastly.net
2    208.100.17.190 (United States)

ASN32748 (STEADFAST, US)
PTR: ip190.208-100-17.static.steadfastdns.net
de.tynt.com
3    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
11    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
14    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
3    2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
6    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
11    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
13    52.208.69.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
64    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
12    52.49.40.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-40-147.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
22    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
4    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
12    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    52.21.173.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
aorta.clickagy.com
1    52.45.248.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ssc.33across.com
3    50.31.142.31 (United States)

ASN23352 (SERVERCENTRAL, US)
mcdp-chidc2.outbrain.com
3    62.113.194.12 (Münster, Germany)

ASN47447 (TTM, DE)
PTR: edge-481.b-cdn.net
ob.cheqzone.com
10    151.101.14.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
vid.connatix.com
img.connatix.com
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
2    52.18.91.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
1    52.4.51.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
3    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
7    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
9    65.9.73.74 (United States)

ASN16509 (AMAZON-02, US)
sb.scorecardresearch.com
6    2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.cheqzone.com
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
10    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
40    143.204.98.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-66.fra50.r.cloudfront.net
live-tag.bannersnack.com
5    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
2    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru
ssp.adriver.ru
1    65.9.73.3 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    2620:119:50e3:101::6cae:b45 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
4    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
c.eu1.dyntrk.com
7    213.155.156.181 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    3.124.33.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.sharethrough.com
2    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
gcm.ctnsnet.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
tr.blismedia.com
1    172.105.232.22 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1886-22.members.linode.com
a.c.appier.net
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    35.212.101.174 (Washington, United States)

ASN15169 (GOOGLE, US)
cs.chocolateplatform.com
2    217.66.147.169 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-169-147-66-217.spbmts.ru
sm.rtb.mts.ru
1    213.87.44.207 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-207-44.mts.ru
tech.rtb.mts.ru
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
r.turn.com
4    18.159.187.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
3    34.205.3.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    80.64.106.148 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru
google-sync.rutarget.ru
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
7    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:400a:8::6 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)
r1---sn-1gieen7e.googlevideo.com
1    2a00:1450:4001:5d::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5ednld.googlevideo.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
16    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
6    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
30    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
4    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
3    77.243.60.138 (Hjørring, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
3    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
8    185.29.135.234 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
6    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
10    52.58.146.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
5    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
4    18.204.252.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
stats.bannersnack.com
8    2606:4700::6810:c172 (United States)

ASN13335 (CLOUDFLARENET, US)
f.hubspotusercontent00.net
2    2a00:1450:400c:c07::71 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    188.165.137.78 (France)

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu
green.erne.co
2    2606:4700:3039::6815:c03b (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    162.55.6.210 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.210.6.55.162.clients.your-server.de
csync.loopme.me
4    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: ns574734.ip-51-222-80.net
pixel.onaudience.com
3    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loadm.exelator.com
2    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
17    34.254.122.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
4    65.9.73.79 (United States)

ASN16509 (AMAZON-02, US)
stats-api.bannersnack.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
4    185.184.8.30 (Amsterdam, Netherlands)

ASN- ()
creativecdn.com
1    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
data.adsrvr.org
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN- ()
pixel-eu.rubiconproject.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
event.clientgear.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
2    34.196.207.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    35.156.217.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
1    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    3.127.166.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prod.perf-serving.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
1    38.27.122.126 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
111 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
googleads.g.doubleclick.net
512 KB
84 googlesyndication.com
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
a9da6642da90908de4f1cdce1b3b3aae.safeframe.googlesyndication.com
385 KB
73 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
196 KB
48 bannersnack.com
live-tag.bannersnack.com
stats.bannersnack.com
stats-api.bannersnack.com
7 MB
31 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
odb.outbrain.com
mcdp-chidc2.outbrain.com
sync.outbrain.com
249 KB
30 lijit.com
ap.lijit.com
ce.lijit.com
55 KB
29 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
1 MB
29 mybluelight.com
webmaila.mybluelight.com
start.mybluelight.com
track.mybluelight.com
366 KB
23 adnxs.com
acdn.adnxs.com
secure.adnxs.com
ib.adnxs.com
95 KB
20 jwpsrv.com
assets-jpcust.jwpsrv.com
1 MB
20 jwplayer.com
cdn.jwplayer.com
8 KB
17 gumgum.com
rtb.gumgum.com
5 KB
16 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
78 KB
14 adsrvr.org
match.adsrvr.org
data.adsrvr.org
6 KB
14 openx.net
uol-d.openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
4 KB
13 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
23 KB
13 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
9 KB
12 bidr.io
match.prod.bidr.io
6 KB
12 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
678 KB
12 googletagservices.com
www.googletagservices.com
401 KB
12 google.com
adservice.google.com
www.google.com
793 B
12 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
14 KB
11 gstatic.com
fonts.gstatic.com
csi.gstatic.com
151 KB
11 adform.net
c1.adform.net
5 KB
11 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
images.outbrainimg.com Failed
4 KB
10 bidswitch.net
x.bidswitch.net
3 KB
10 ampproject.org
cdn.ampproject.org
214 KB
9 scorecardresearch.com
sb.scorecardresearch.com
8 KB
9 cheqzone.com
ob.cheqzone.com
obs.cheqzone.com
67 KB
8 hubspotusercontent00.net
f.hubspotusercontent00.net
9 MB
8 mathtag.com
sync.mathtag.com
4 KB
8 1rx.io
sync.1rx.io
5 KB
8 dotomi.com
web.hb.ad.cpe.dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
2 KB
7 de17a.com
d5p.de17a.com
2 KB
7 everesttech.net
sync-tm.everesttech.net
2 KB
6 contextweb.com
bh.contextweb.com
4 KB
6 quantserve.com
pixel.quantserve.com
cms.quantserve.com
3 KB
6 uolstatic.com
content.uolstatic.com
9 KB
6 uolcontent.com
static.uolcontent.com
44 KB
5 sitescout.com
pixel-sync.sitescout.com
2 KB
5 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
2 KB
5 turn.com
ad.turn.com
r.turn.com
d.turn.com
2 KB
5 tynt.com
cdn.tynt.com
sc.tynt.com
ic.tynt.com
de.tynt.com
8 KB
5 criteo.com
bidder.criteo.com
dis.criteo.com
gum.criteo.com
1 KB
4 creativecdn.com
creativecdn.com
1 KB
4 taboola.com
trc.taboola.com
match.taboola.com
815 B
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
4 simpli.fi
um.simpli.fi
2 KB
4 w55c.net
pm.w55c.net
3 KB
4 dyntrk.com
c.eu1.dyntrk.com
3 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
4 rfihub.com
p.rfihub.com
a.rfihub.com
4 KB
4 33across.com
cdn-sic.33across.com
sic.33across.com
ssc.33across.com
ssc-cms.33across.com Failed
117 KB
3 exelator.com
loadm.exelator.com
5 KB
3 fiftyt.com
visitor.fiftyt.com
1 KB
3 semasio.net
uipglob.semasio.net
2 KB
3 stackadapt.com
sync.srv.stackadapt.com
2 KB
3 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
2 KB
3 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
2 KB
3 bidtheatre.com
match.adsby.bidtheatre.com
2 KB
3 deepintent.com
match.deepintent.com
127 B
3 consumable.com
yummy.consumable.com
80 KB
3 google.ch
adservice.google.ch
409 B
3 criteo.net
static.criteo.net
38 KB
3 netzero.net
webmail.netzero.net
10 KB
2 tapad.com
pixel.tapad.com
616 B
2 perf-serving.com
prod.perf-serving.com
1 KB
2 360yield.com
ad.360yield.com
615 B
2 ipredictive.com
sync.ipredictive.com
950 B
2 crwdcntrl.net
bcp.crwdcntrl.net
1011 B
2 playground.xyz
ads.playground.xyz
724 B
2 onaudience.com
pixel.onaudience.com
796 B
2 loopme.me
csync.loopme.me
415 B
2 ad4m.at
ad4m.at
1 KB
2 erne.co
green.erne.co
651 B
2 youtube.com
s.youtube.com
2 acuityplatform.com
ums.acuityplatform.com
1 KB
2 adgrx.com
cm.adgrx.com
816 B
2 adition.com
dsp.adfarm1.adition.com
1002 B
2 googlevideo.com
r1---sn-1gieen7e.googlevideo.com
r2---sn-4g5ednld.googlevideo.com
1 MB
2 zemanta.com
b1sync.zemanta.com
1 KB
2 teads.tv
sync.teads.tv
407 B
2 demdex.net
dpm.demdex.net
2 KB
2 emxdgt.com
cs.emxdgt.com
59 B
2 rlcdn.com
api.rlcdn.com
id.rlcdn.com
66 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 untd.com
feed.untd.com
track.untd.com
35 KB
1 googleadservices.com
www.googleadservices.com
1 bnmla.com
match.bnmla.com
112 B
1 socdm.com
tg.socdm.com
822 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 clientgear.com
event.clientgear.com
259 B
1 media.net
contextual.media.net
371 B
1 ytimg.com
i.ytimg.com
15 KB
1 adkernel.com
dsp.adkernel.com
233 B
1 rutarget.ru
google-sync.rutarget.ru
578 B
1 chocolateplatform.com
cs.chocolateplatform.com
318 B
1 appier.net
a.c.appier.net
557 B
1 blismedia.com
tr.blismedia.com
136 B
1 ctnsnet.com
gcm.ctnsnet.com
478 B
1 sharethrough.com
match.sharethrough.com
355 B
1 sonobi.com
sync.go.sonobi.com
852 B
1 linkedin.com
px.ads.linkedin.com
809 B
1 smaato.net
s.ad.smaato.net
688 B
1 adriver.ru
ssp.adriver.ru
339 B
1 tremorhub.com
partners.tremorhub.com
183 B
1 2mdn.net
s0.2mdn.net
16 KB
1 adentifi.com
rtb.adentifi.com
88 B
1 clickagy.com
aorta.clickagy.com
663 B
1 fastly.net
clarium.global.ssl.fastly.net
41 KB
1 traversedlp.com
static.traversedlp.com
811 B
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 digitru.st Failed
prebid.digitru.st Failed
0 deezer.com Failed
api.deezer.com Failed
708 114
Domain Requested by
64 cm.g.doubleclick.net 24 redirects u.openx.net
googleads.g.doubleclick.net
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
ap.lijit.com
rtb.gumgum.com
us-u.openx.net
42 pagead2.googlesyndication.com www.googletagservices.com
srcdoc
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
start.mybluelight.com
40 live-tag.bannersnack.com dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
live-tag.bannersnack.com
36 tpc.googlesyndication.com securepubads.g.doubleclick.net
start.mybluelight.com
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
cdn.ampproject.org
imasdk.googleapis.com
30 simage2.pubmatic.com 1 redirects ads.pubmatic.com
rtb.gumgum.com
25 start.mybluelight.com 1 redirects webmaila.mybluelight.com
start.mybluelight.com
static.uolcontent.com
23 securepubads.g.doubleclick.net static.uolcontent.com
securepubads.g.doubleclick.net
webmaila.mybluelight.com
www.googletagservices.com
cdn-sic.33across.com
cd.connatix.com
start.mybluelight.com
22 ce.lijit.com ap.lijit.com
ads.pubmatic.com
rtb.gumgum.com
us-u.openx.net
20 assets-jpcust.jwpsrv.com start.mybluelight.com
20 cdn.jwplayer.com 20 redirects
19 googleads.g.doubleclick.net 1 redirects dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
webmaila.mybluelight.com
start.mybluelight.com
18 widgets.outbrain.com securepubads.g.doubleclick.net
widgets.outbrain.com
start.mybluelight.com
17 rtb.gumgum.com 3 redirects ap.lijit.com
rtb.gumgum.com
16 image2.pubmatic.com ads.pubmatic.com
16 capi.connatix.com cd.connatix.com
14 ads.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
static.uolcontent.com
ap.lijit.com
rtb.gumgum.com
13 match.adsrvr.org 9 redirects u.openx.net
ssum-sec.casalemedia.com
start.mybluelight.com
us-u.openx.net
13 secure.adnxs.com 5 redirects static.uolcontent.com
12 match.prod.bidr.io 12 redirects
12 www.googletagservices.com securepubads.g.doubleclick.net
yummy.consumable.com
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
11 c1.adform.net 9 redirects ads.pubmatic.com
10 x.bidswitch.net 9 redirects ads.pubmatic.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 aax-eu.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
u.openx.net
ap.lijit.com
ssum-sec.casalemedia.com
ads.pubmatic.com
9 fonts.gstatic.com fonts.googleapis.com
start.mybluelight.com
9 sb.scorecardresearch.com 3 redirects widgets.outbrain.com
9 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
9 vid.connatix.com cd.connatix.com
9 us-u.openx.net 3 redirects u.openx.net
googleads.g.doubleclick.net
ap.lijit.com
us-u.openx.net
8 f.hubspotusercontent00.net live-tag.bannersnack.com
8 sync.mathtag.com 8 redirects
8 ib.adnxs.com 4 redirects acdn.adnxs.com
googleads.g.doubleclick.net
8 sync.1rx.io 8 redirects
8 log.outbrainimg.com widgets.outbrain.com
8 fonts.googleapis.com yummy.consumable.com
securepubads.g.doubleclick.net
live-tag.bannersnack.com
8 ap.lijit.com 3 redirects static.uolcontent.com
aax-eu.amazon-adsystem.com
ap.lijit.com
7 d5p.de17a.com 7 redirects
7 sync-tm.everesttech.net 7 redirects
6 bh.contextweb.com 6 redirects
6 www.google.com 1 redirects start.mybluelight.com
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
6 obs.cheqzone.com ob.cheqzone.com
start.mybluelight.com
6 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
6 content.uolstatic.com start.mybluelight.com
6 static.uolcontent.com start.mybluelight.com
static.uolcontent.com
5 pixel-sync.sitescout.com 5 redirects
5 pubads.g.doubleclick.net imasdk.googleapis.com
start.mybluelight.com
5 pixel.quantserve.com 5 redirects
5 dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 web.hb.ad.cpe.dotomi.com static.uolcontent.com
5 c2shb.ssp.yahoo.com static.uolcontent.com
5 c.amazon-adsystem.com static.uolcontent.com
c.amazon-adsystem.com
cdn-sic.33across.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 creativecdn.com 4 redirects
4 stats-api.bannersnack.com live-tag.bannersnack.com
4 token.rubiconproject.com 4 redirects
4 stats.bannersnack.com live-tag.bannersnack.com
4 um.simpli.fi 2 redirects ads.pubmatic.com
4 image4.pubmatic.com ads.pubmatic.com
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
4 pm.w55c.net 4 redirects
4 pixel.rubiconproject.com 1 redirects start.mybluelight.com
4 c.eu1.dyntrk.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
4 sync.targeting.unrulymedia.com 4 redirects
3 loadm.exelator.com 1 redirects ads.pubmatic.com
3 visitor.fiftyt.com 3 redirects
3 uipglob.semasio.net 1 redirects ads.pubmatic.com
3 mwzeom.zeotap.com ads.pubmatic.com
3 sync.srv.stackadapt.com 3 redirects
3 ad.turn.com 3 redirects
3 a.rfihub.com 3 redirects
3 match.adsby.bidtheatre.com 3 redirects
3 match.deepintent.com ssum-sec.casalemedia.com
rtb.gumgum.com
ads.pubmatic.com
3 ob.cheqzone.com widgets.outbrain.com
3 mcdp-chidc2.outbrain.com widgets.outbrain.com
3 eu-u.openx.net u.openx.net
us-u.openx.net
3 ups.analytics.yahoo.com 3 redirects
3 odb.outbrain.com widgets.outbrain.com
3 widget-pixels.outbrain.com start.mybluelight.com
3 tcheck.outbrainimg.com widgets.outbrain.com
3 yummy.consumable.com webmaila.mybluelight.com
yummy.consumable.com
3 adservice.google.ch securepubads.g.doubleclick.net
3 static.criteo.net static.uolcontent.com
start.mybluelight.com
3 webmail.netzero.net start.mybluelight.com
3 track.mybluelight.com start.mybluelight.com
2 pixel.tapad.com 1 redirects ads.pubmatic.com
2 prod.perf-serving.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 bcp.crwdcntrl.net 2 redirects
2 ads.playground.xyz 2 redirects
2 spl.zeotap.com 1 redirects ads.pubmatic.com
2 pixel.onaudience.com 2 redirects
2 match.taboola.com ads.pubmatic.com
2 trc.taboola.com 2 redirects
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 csync.loopme.me 2 redirects
2 ad4m.at ads.pubmatic.com
2 green.erne.co 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 s.youtube.com blank
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 ums.acuityplatform.com 2 redirects
2 aud.pubmatic.com ads.pubmatic.com
2 cm.adgrx.com ads.pubmatic.com
2 dsp.adfarm1.adition.com 2 redirects
2 rtb-csync.smartadserver.com 2 redirects
2 dis.criteo.com ads.pubmatic.com
2 sm.rtb.mts.ru 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 b1sync.zemanta.com 2 redirects rtb.gumgum.com
2 eus.rubiconproject.com static.uolcontent.com
eus.rubiconproject.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
2 cs.emxdgt.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
2 de.tynt.com cdn.tynt.com
2 cdn-sic.33across.com cdn.tynt.com
cdn-sic.33across.com
2 cds.connatix.com start.mybluelight.com
cd.connatix.com
2 bidder.criteo.com static.criteo.net
2 acdn.adnxs.com static.uolcontent.com
cdn-sic.33across.com
2 www.google-analytics.com start.mybluelight.com
www.google-analytics.com
1 www.googleadservices.com
1 match.bnmla.com ads.pubmatic.com
1 tg.socdm.com 1 redirects
1 sync.technoratimedia.com rtb.gumgum.com
1 d.turn.com 1 redirects
1 event.clientgear.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 data.adsrvr.org ap.lijit.com
1 contextual.media.net ap.lijit.com
1 gum.criteo.com static.criteo.net
1 ads.yahoo.com
1 id.rlcdn.com start.mybluelight.com
1 r2---sn-4g5ednld.googlevideo.com start.mybluelight.com
1 r1---sn-1gieen7e.googlevideo.com 1 redirects
1 i.ytimg.com start.mybluelight.com
1 dsp.adkernel.com dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
1 google-sync.rutarget.ru 1 redirects
1 r.turn.com dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
1 tech.rtb.mts.ru 1 redirects
1 cs.chocolateplatform.com 1 redirects
1 a.c.appier.net 1 redirects
1 tr.blismedia.com dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 match.sharethrough.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 ssp.adriver.ru 1 redirects
1 cms.quantserve.com 1 redirects
1 partners.tremorhub.com googleads.g.doubleclick.net
1 a9da6642da90908de4f1cdce1b3b3aae.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 s0.2mdn.net imasdk.googleapis.com
1 img.connatix.com start.mybluelight.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 s.amazon-adsystem.com ssum-sec.casalemedia.com
1 ssc.33across.com cdn-sic.33across.com
1 aorta.clickagy.com 1 redirects
1 p.rfihub.com 1 redirects ap.lijit.com
rtb.gumgum.com
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 u.openx.net aax-eu.amazon-adsystem.com
1 clarium.global.ssl.fastly.net start.mybluelight.com
1 sic.33across.com cdn-sic.33across.com
1 static.traversedlp.com start.mybluelight.com
1 ic.tynt.com start.mybluelight.com
1 sc.tynt.com cdn.tynt.com
1 cdn.tynt.com webmaila.mybluelight.com
1 cd.connatix.com 1 redirects
1 uol-d.openx.net static.uolcontent.com
1 hbopenbid.pubmatic.com static.uolcontent.com
1 fastlane.rubiconproject.com static.uolcontent.com
1 htlb.casalemedia.com static.uolcontent.com
1 api.rlcdn.com static.uolcontent.com
1 track.untd.com start.mybluelight.com
1 feed.untd.com start.mybluelight.com
1 webmaila.mybluelight.com
0 ssc-cms.33across.com Failed rtb.gumgum.com
0 rtb.mfadsrvr.com Failed ap.lijit.com
0 prebid.digitru.st Failed yummy.consumable.com
0 images.outbrainimg.com Failed start.mybluelight.com
0 api.deezer.com Failed yummy.consumable.com
708 186
Subject Issuer Validity Valid
start.mybluelight.com
Go Daddy Secure Certificate Authority - G2		 2020-12-24 -
2022-01-03		 a year crt.sh
track.netzero.net
Go Daddy Secure Certificate Authority - G2		 2020-09-15 -
2021-09-25		 a year crt.sh
feed.untd.com
Go Daddy Secure Certificate Authority - G2		 2020-07-13 -
2021-07-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
webmail.netzero.net
Go Daddy Secure Certificate Authority - G2		 2020-07-14 -
2021-07-26		 a year crt.sh
content.uolstatic.com
Go Daddy Secure Certificate Authority - G2		 2020-07-14 -
2021-07-27		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-20 -
2022-05-22		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2020-03-30 -
2022-06-25		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2020-03-09 -
2021-06-08		 a year crt.sh
*.consumable.com
Amazon		 2020-09-23 -
2021-10-25		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2020-09-29 -
2021-10-19		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.traversedlp.com
Go Daddy Secure Certificate Authority - G2		 2020-12-29 -
2022-01-30		 a year crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
ob.cheqzone.com
R3		 2021-05-04 -
2021-08-02		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
obs.cheqzone.com
R3		 2021-04-15 -
2021-07-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
bannersnack.com
Amazon		 2020-09-10 -
2021-10-12		 a year crt.sh
teads.tv
R3		 2021-05-04 -
2021-08-02		 3 months crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-05-01 -
2021-07-30		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-04-27 -
2021-07-06		 2 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-04-26 -
2021-06-16		 2 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh

This page contains 118 frames:

Primary Page: https://start.mybluelight.com/start/sp.do?cf=EOW
Frame ID: 94436A54B4CD42BBBA1D5A6EE2F62A11
Requests: 124 HTTP requests in this frame

Frame: https://start.mybluelight.com/start/view/redesign/common/phoenix/blankPhnx.html?v=34955
Frame ID: F2F9E8F4CB2337D7B7C618C69DE67E37
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTcbuO4sFQ-v4c8l4MFH4M9A_DXumnui_OhoRVAlv7FgWSfn0OJlHhR3QAwtDHijqqS0-FisR2zlwFLM7axrCvUpD0G0JxYZsmeeMK-x2QxygFKll61xHcG2c76qzFIXhuH5q_LCcNug-llWFKTd1T2ojBXY2KKKVe_RTtXFSiVoc49-MxYiSfJbEKMJNed7byu2dgCzjrKAEPImwtYfXgy301Q4KBmqRS77cA3yBKuOYsbBo-v1MpbsVbm4nXseipJA1yW20OwrrSHo3oQFsxGKtjdUes6CDTwlySDYqjVTASgse9FJUbNAuL4g&sai=AMfl-YR88lvaVX3ZRHAxjdfuyYrmaoWYqslx028vasskRbLZhRJX4zxVv5ahCzUcUmZAKJpIFqP7D_rbfB1hRyVfZqionXn5gUMT2Gtw4rqFkAOrLPAQOqA7ZBoemoxptdt5&sig=Cg0ArKJSzLqUViINThyOEAE&urlfix=1&adurl=
Frame ID: 6690F86C59DC3D2889D001F1A310F7C2
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLSoczt9XyGXlSmhVoonItFWzg6tHSXgA5znLC8FeN4fyFzLOgBAcdhAxYkN2jSn-qkRXC0HsUCRSFcC1hflWDDm3Z38SdOyXCj12iJ4trV-Imi2kHgKNofvPbWD9T6SvnIugVnt56z6QaP42WQR_oB8fANuGolOR8WwMwVwQ58-5rxzEyzlR2XCyeZ3bpXGusNxCpOWH6GX3Z7KUqxwJkJ9jKOs23vWEO3DjoB2GMLxm8LlWyAezkB3ucw_SyO5wPCl7B9gH0FzyVVRrNQ6I0TmNsW88Q8PNR1ovM7gfez7Vb-9zlY_AnoXPukA&sai=AMfl-YTPBXLyWmx7DOwzgyd2kjYwbTzno7lQuVq-j-ZEa7XAMkhPJqwVFn0FuJe-6VpPyPA10rMpdEfrgJ8KXm8eu8Xx1yZoOp-ulnt4RZcHVdz8tVe3y2_FBpJOjYBZvAyx&sig=Cg0ArKJSzIsJ9R_AdysZEAE&urlfix=1&adurl=
Frame ID: A8E4A1F52EEC4ACCE2611757A3DF5900
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJL8xPYCYowJB6cGVzgTUAbhkDfIMxZRZ1FfbNNA_UE3NurCIiNr-ljUrm4-8zIiUy1jCOKihfpy1-JiCpRiyGMNNAenaWNENG4P8sqGI6NA2tfT8jORwFt6JldEemt_i_L3tweIdvpZXnRIuMIjQPp-6wdVMLRLCxhMPEk4afRMU7kq6OJQh8MJJ4q52FBtFy30ygBqskqq-RADP0ukhStfnzncWsPEJc_5MxXfOF5vt2ZpNIQLCuOpC4jWp1vKOmvE2LfW4F0JAEk1ZyIej3EtJ3u7_E-jClNpR1v-9aExgU9NQxHkWIgZ334A&sai=AMfl-YR3hBzVAGaVR4DnLzX1ysCrk7-3jAA2sGcHvn3eN59qtN9_fyEHWNSJDiT6wlRaO3M2EYwCV8rIbzT4JXVRTpsrRpgJU1l0_RJn-r2SJW8z7awxBu1onH-Jb0dTWEja&sig=Cg0ArKJSzDebWabj5z8wEAE&urlfix=1&adurl=
Frame ID: 3F0671FC881A08E53D86DE9551847A47
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSnXgpcDHNplsGb4tlb5CpUcL6QT9oIdILvib8ZsK7a4JVHVkTwsWJ5TbjGYtkD8AtrUSBPjo5NVdZwvaVtDd7-UtvbgebdyPvFEJX21rY4sVsF3wgta5PEy0QxIi0WTr7COZFSt4Vck2JUz_cyfkdti_p6-sbCjcJke8j_50RbturtI_DT-e5tOAKZ37MoObtr37FZrwiSLdgHKBQFISo9e4gyb6fYJ38HaQxa-k9wjESePU4I9RleiHHPLq8NQMyMTXS9321EbKBO0sw4ADRA5Z0Bg3yJEfZaSKJZ_GRcKPWD7Ivi8WcSwQg&sai=AMfl-YQr3W7qKzNLDDRuuG6H3jLc46u-ux52h6RMONNwYemtmFQyL0o5jYwdX0cmoDrIPG_Ye3PaNABJAoSSl29pRqz6N0wxX69EjAXZjNjuHZwV065mCn6PtSgG0mgspJwo&sig=Cg0ArKJSzKZgHACvyZWPEAE&urlfix=1&adurl=
Frame ID: F315605F0639C53728F0DCBCDEF9A97C
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKRWbT6itrs63xHTNIVBCqqD_uwRat4XWfEGZpyU89--QLepjAlGHdXRb9qA0Ed6TvMx-ph3bAWF3M3mxPiai7s-B2VOvQNSU7Yw71VbzKw9bA-4P-ymwG_O08A4rNFk82C0cwyeeoL--FOEUH6G5vYTppF1Nsl7kiIQA24deh_3OgRhGCdoJGipY1mkrtM-DeoQtxNIdQrHsU3gybF-S7co038tb17p1elFXKr21p7_5zcUA_1st0fJgkHMQjNZIEJVf5SWOj6dvd3-rLk-2RtZ1tfEFAZNgqVf4Y-WBsTA5B8Qy27h4J_g&sai=AMfl-YQv6H1IkgDieRVwBjst3nM_WONrsl-qIkdHC_14dtLvG_VoHH8a1B8nrSqgo0fWGhAiW63mKrfM4cS9ZPTuOPoa1a4qfBCx3I_HN3umf7iXqra9H5cqlutkqU7kIL-F&sig=Cg0ArKJSzKbUZb6_WixiEAE&urlfix=1&adurl=
Frame ID: AC031E8CA8A854441D72BA6884109A05
Requests: 4 HTTP requests in this frame

Frame: https://cds.connatix.com/p/116015/connatix.player.dc.js
Frame ID: D9A3E4AF7A158C9D6783B8531E1E5270
Requests: 29 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUzpGVE5orornFs91JDhBr248ay2iaTmp5EARccko1apVauX8mf83PgBxNRSmNrNgtJMS9iPhhJuICk1avliN3OpQuX2TL3MjXFENh0Lp9fMT5hjbpDrsuqtGnlmRxYrB6s5QulZhyILc4MMnWdS-BpOPwjoFxjIjeHk48omCR03j44i_4z-dWCFrEwe7SZ6dKJNvSq_qb1qjswP38i0tJfGVV7BYe6px0HociHc6aZ4C6b5Z7fA126fLyf9Nue2vclwCGNVXQb_CGSClZgIJjHq-rgOwdRCEYfldkFQfizN6CBhjAPmY7gWU&sai=AMfl-YQ5hLv6qA2ocfiPlxlgJL2EnrCWIz4QoXNVwVoZ2Vr3BsZtBoos8bfQX9FUghwXhWshvtOSqEbnmlJQAvBZwHePzW3xKf134piHWkRv-4UrPhwQlcfhV5KjibYRWIFO&sig=Cg0ArKJSzCi2RpjuLfJOEAE&urlfix=1&adurl=
Frame ID: 4BD5D474CFF7807911417C42F6EE03C7
Requests: 8 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Frame ID: 179CF31DFF0A7FC523CE524B1E1B4425
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 053EF2D1CD9ADE18F706CD6AD81CB451
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: C8625D506F83652A483F3C8048F0A768
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 19CEF9ED45857A135E304C07A32FA3D3
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open+Sans:400,800
Frame ID: AD6C1AE596324A1DFC06BD3E2DFFB762
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: 75A18B736B974742D42B7C876076D821
Requests: 4 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 06D791960AE9677862FAB2269D65A94A
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Frame ID: B90EE47F9ED59433A1CEF4DA3121CD00
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: F433C385D0CD4F93FA59C53B030C3BF1
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 1086872B2E33E7BDC9CD448B8CADF476
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-2RJX25Z1l2MbC.LCNtaHCH3AMBq_HaY-&
Frame ID: 522562F4DE50EF744E2EB121210060A0
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 78B058B7407A60CB0EB8ACC6960276B8
Requests: 7 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: E115A336F22EDCF728F2092540200733
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: CA55BC5C5C1C53A6496F24CFF6D44C8C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: AB534FBFC35C8210E3FD4A4DE173760D
Requests: 10 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 10E1758836FE9ED323043B1D946C30A6
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 8122A115AD294540705D007DB7B76DDA
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: AAACECBC8BFF5C66E2E4F872B67FAB9B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.454.1_en.html
Frame ID: 91FFE6D2705AC00A3870A74139DDF87C
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.454.1_en.html
Frame ID: 7C0E15C1F1DBCADFDF40863BBAE5333A
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.454.1_en.html
Frame ID: 8CE8A52712AB21108E5FA13F45BCFA94
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 026E4A9F028EB0CB3478BFA7C4A5D517
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 148D6EB8D6CC42E6682B3D312D7FA793
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3FDB8B99BB52661458B50ED79B8D5E5B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7D18EF64FDB438F24ECB7189C564B9B4
Requests: 22 HTTP requests in this frame

Frame: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E105393B2CB3E753E93E9256BE0BBC71
Requests: 12 HTTP requests in this frame

Frame: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FEE47F0E741B32925397FEC80B71EDC4
Requests: 11 HTTP requests in this frame

Frame: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DEB29D5E767313C59700FD712D673FE1
Requests: 12 HTTP requests in this frame

Frame: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 26741141DE3A6580B4B4C0E35B1BAC65
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 5959A1BAEEB07BD95053948463AE1FCC
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNUNEm7XAhxVFR8avuGdIZsEI5jkI4eoGfDAcfhlGDE0qYVv0CNu7Clm33umCVuFgpl72qgqtt735Vm-cc3J0H9RUkNB6A
Frame ID: 04184AE27CD29584E3BFFE8817DD2756
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYj424mAEwAQ&v=APEucNXEkxezedyxpL90JL5P86PUH4UetfiptlZqLyaPriubkYDqzpHUp_6r_PWh4whWIBN0IsKpmgK6oKgt8AvZnGVtRJMznA
Frame ID: C5F7CAB7262A29FE43503E7EEF46B457
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNVZrugIIKpjez1AJ0KAERRQIwBTERFfoXmTumaLeP7QFXk4FXQE3x3uwsakDLBdrOm_dd-jq5kvoCrr0VWmlzIlTeph_w
Frame ID: 53502286FEE9738EC8C8687BEF28D422
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNWM525ftULsOt7yv_MAh1MMOUiB_9oLJ6pct_UnDAexNrQcUIgCat55LPusBif5oSfIGNB4yEb8wz2177wStC9T3gdw0g
Frame ID: 3F49DF1B4AF35760D2A3A5B753EF4677
Requests: 4 HTTP requests in this frame

Frame: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
Frame ID: 87E7B69580A66B21E1A8B6AD8D50A5D8
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D69377F8BA3ED0538E473068A78D4EB2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CC2D8EF4EF4F51013B5116EDC3027D6D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Frame ID: 017AFD0AB6612673A6341A031E0207FC
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4E742EE7E99E08FB15A7302F5F2D3D7E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7D3CD8C01924F7D84194A542F4586EDE
Requests: 3 HTTP requests in this frame

Frame: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
Frame ID: 3C9955B8DC76413DD4CD0C0E300FB699
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 810B97573D923F9CA23B5771A0BED699
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 14310BF924E367DFD50C45D42FF7EBD7
Requests: 3 HTTP requests in this frame

Frame: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
Frame ID: 83D09A0EC0EFC4A70A20C413D95CD87B
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F29F9A866DFB524172C8589356194FB1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DB3D7F12D6E84E8BB8BDCDA72D9E3656
Requests: 3 HTTP requests in this frame

Frame: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
Frame ID: 65E50920B19670E57018A347768B975A
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1D6BCECC33AC8467925B5EF741262928
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 237D703B037A6A4ED2226E1EE328B520
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1711DEA7CF55CBB3C8715723B1FB5D03
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 78ADC6B1A3B0472DED398BCBDD9311AF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1514147791061770928
Frame ID: 239572C5F034E0B558098D7197E9BF6C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABt9E7BKN0AADEs5oZmag
Frame ID: 0B8704C202CB8F2EB710BC06C80C9891
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959308665611614348
Frame ID: FDD750F3450760D25ABCD5D79802E2EF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 540D2B617994FD5C688F966954FCBF9E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&ex=pubmatic.com
Frame ID: 1ED54EB621F6FF77553E504A59E7E3CE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 4FFD20F0DC04CCA28442E91A695BF28B
Requests: 3 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/playback?ns=yt&fexp=21064201&el=adunit&cpn=tASCC0TeQHF1peuk&docid=vrSkrZv08sk&ver=2&cmt=0.261&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fstart.mybluelight.com%2F&len=19.017&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=17&rtn=10
Frame ID: C449A3E91272590D196049F9D3019504
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852
Frame ID: C105387E0049A8803841D1DCC675FEDF
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=56&3pid=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
Frame ID: 20CF683EB4A97C4C2D5592672375F5EE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=BTsXeaJtpCtTTSyY7ypCWw2n
Frame ID: C4C92EFE6036052D58B2B10C34905603
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 9CB6FB01F6C2D83BD880590C2D181E72
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 512C10E4CEAE8EF6BD65EE6BB837CE8E
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: ADAB161329C4517196B7B3C0EEF85244
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=UooWvvXuhaFT&pid=557219
Frame ID: AF108AD4D0BFA98292319CDFA731D19B
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 05F6D08E659C4F96F32A929AC8ADBD00
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=start.mybluelight.com
Frame ID: 315ECC49981200FD1346803A4974B5FB
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Frame ID: 43F3C8A2C682B78B11CAB04AA352A30C
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 888003977F4698692352E7889EB34680
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: 2D908230915A8BCD9A73E368E9F1E127
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 01156A5C11352D3CA81DCB393E3B80C7
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 6C81CAB53919DF49D4D838014A4DAF42
Requests: 8 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=4271185589018318154&gdpr=0&gdpr_consent=
Frame ID: 66312FC134AD868CDF0022CE5668D4B6
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 7C0E71BED459A5CCD8F6B5FE68C80BC7
Requests: 15 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
Frame ID: 9F1D674684DA85FFE513EE974AB66B7A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YJRuYgAAxwC5uwAC&gdpr=0&gdpr_consent=&_test=YJRuYgAAxwC5uwAC
Frame ID: 9E2F6066AC2807125ABB91A88C9C2C8B
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZWM2ZDBjOS1kZWU2LTQyYmItODQ4MC03MmFkZmI1NzUwMjI=&gdpr=0&gdpr_consent=
Frame ID: 083CCBA5E57438877D3B085E7102B543
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: CA10F5E08915390FD6F5C06490C52B51
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: D77E516788687E355C38BF393681F2F5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=22fe8aa1-4f8a-4049-8a52-8b2373e884a9&t=1622932322
Frame ID: 76856EB77DB859EBD84BA6B38F19387C
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 6F3A0AEE2BAE82D96FDA9A3C28E9AAF9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YJRua8Co5ucAAL3g7O0AAAAA
Frame ID: 7DB55B19028E7212876A892F4574B60C
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=42796&in=1
Frame ID: F3071DDCB8DA9BC52B426E8A4975D6EA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=reLeMpMclYqpO0dbclZB&pi=gumgum&tc=1
Frame ID: 60695BAF84DE021DC91F7F169E291070
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8040A651631102DCA49BCC4FE5C7251C
Requests: 25 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A685DB4E228377E9F0C58D361ED0C7B6
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3699798750C2CCF0362360B69BA81737
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2ACD1FBD68D897E03EB213FBB2A809CB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5717983315047178940
Frame ID: 191B3D0125BD45EC285DE081C5B969B3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNRE7BKN0AADHLDT3q2w
Frame ID: D8D0B62564AFAFC70FE084B442E4C86E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959308699979610263
Frame ID: 72BBA0F754AB3D65322B134472DF6B0F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 0FFC00DB128BBA42FAAE4D42FEEE5F68
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4f743916-283d-4466-931d-bfbcacf76400-003
Frame ID: 9D2A5A85A37EC07BD564BEE63201640D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mJcndMYPjPKMJbAaaRGKWw2o
Frame ID: AF3429272C5B3D7A3FBAE2A6908696E6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: E041828377BD514BC06C055CC68A5D88
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 625B470670BAD17AAB91839B7391E949
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: DAD1B6749C40812A234B1B4FD68AD899
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=yk5KnuSNyFBd&pid=557219
Frame ID: 2A2108C66DAF158F942093132561DB3C
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 9256967D8430E7DD20C36F5A0B570EDE
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=3D16A8B2-6B0E-42C7-B409-977568EE93CF
Frame ID: B4FBD4428DD0CF6F0B94C3D33F74F600
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=3D16A8B2-6B0E-42C7-B409-977568EE93CF
Frame ID: 0DE4DBFD2278A352FCF666CCAF01F097
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 98B51DDB4EF35ABB162699C37FBF9A48
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: E6ACD40D8F8B1A79B858A7C0E9658EDD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:XoKneRYm1LEMxo5&gdpr=0&gdpr_consent=
Frame ID: 63F6979F9E8477D214A5E0C96D9E8ABE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EooNs2zMS6dkIvoTb0JXMFuEiFQ
Frame ID: B11F5B1ED2B6D9DB273F7F05075F2A59
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 31710824976A0AD8DA3B2710B5546D07
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:92A3FB32CF24423295B57FEF7DADC14C
Frame ID: 3D08DFA8B8DFC1D95F7AF7EE85570EC4
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=3D16A8B2-6B0E-42C7-B409-977568EE93CF
Frame ID: 438E5AC5E834A1C3AC2F0C257E1CDCCC
Requests: 1 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.198&rtn=19.017&ns=yt&fexp=21064201&el=adunit&cpn=tASCC0TeQHF1peuk&docid=vrSkrZv08sk&ver=2&cmt=10.198&fmt=18&rt=10.000&adformat=2_2_1&euri=https%3A%2F%2Fstart.mybluelight.com%2F&len=19.017&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Frame ID: 6E59A7B23BBD236C89459A8ED4AFEC97
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://webmaila.mybluelight.com/ Page URL
  2. http://start.mybluelight.com/start/sp.do?cf=EOW HTTP 302
    https://start.mybluelight.com/start/sp.do?cf=EOW Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /adnxs\.(?:net|com)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

708
Requests

97 %
HTTPS

25 %
IPv6

114
Domains

186
Subdomains

115
IPs

13
Countries

24623 kB
Transfer

32255 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://webmaila.mybluelight.com/ Page URL
  2. http://start.mybluelight.com/start/sp.do?cf=EOW HTTP 302
    https://start.mybluelight.com/start/sp.do?cf=EOW Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://cdn.jwplayer.com/thumbs/y9Wqv0p8-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/xh0mrvts-720.jpg
Request Chain 27
  • https://cdn.jwplayer.com/thumbs/0MMuPfSR-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/kp5b9g5l-720.jpg
Request Chain 28
  • https://cdn.jwplayer.com/thumbs/uyJvgset-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/3mfpiae8-720.jpg
Request Chain 29
  • https://cdn.jwplayer.com/thumbs/0524iFow-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/pi9j559l-720.jpg
Request Chain 30
  • https://cdn.jwplayer.com/thumbs/rkeKamX9-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/m0kv9so1-720.jpg
Request Chain 31
  • https://cdn.jwplayer.com/thumbs/85V3QvLD-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/hab8iteu-720.jpg
Request Chain 32
  • https://cdn.jwplayer.com/thumbs/DleaSRcY-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/4qkhcj4x-720.jpg
Request Chain 33
  • https://cdn.jwplayer.com/thumbs/O4E9gzXJ-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/5ho3p2o5-720.jpg
Request Chain 34
  • https://cdn.jwplayer.com/thumbs/eja7DevK-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/7fx5tomo-720.jpg
Request Chain 35
  • https://cdn.jwplayer.com/thumbs/EwwuVyid-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/opywfgga-720.jpg
Request Chain 36
  • https://cdn.jwplayer.com/thumbs/z9Ck7Fsc-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/b1licf0n-720.jpg
Request Chain 37
  • https://cdn.jwplayer.com/thumbs/BDz6CqA6-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/xm7lkxex-720.jpg
Request Chain 38
  • https://cdn.jwplayer.com/thumbs/PVHEOdwP-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/h6610izr-720.jpg
Request Chain 39
  • https://cdn.jwplayer.com/thumbs/FzATK1x4-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/uaqnaku0-720.jpg
Request Chain 40
  • https://cdn.jwplayer.com/thumbs/eMmybZNp-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/i1w6qz5e-720.jpg
Request Chain 41
  • https://cdn.jwplayer.com/thumbs/n1vVC5LQ-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/o8xed1hc-720.jpg
Request Chain 42
  • https://cdn.jwplayer.com/thumbs/qwtwcHXd-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/gi8hmxp6-720.jpg
Request Chain 43
  • https://cdn.jwplayer.com/thumbs/TeV4C1Jh-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/hkvtympq-720.jpg
Request Chain 44
  • https://cdn.jwplayer.com/thumbs/z3ziscND-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/jh9mccsq-720.jpg
Request Chain 45
  • https://cdn.jwplayer.com/thumbs/KJ8bG9Yt-720.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/hyx8ic1p-720.jpg
Request Chain 116
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/116015/connatix.player.dc.js
Request Chain 129
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Request Chain 175
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-2RJX25Z1l2MbC.LCNtaHCH3AMBq_HaY-&
Request Chain 178
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 180
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=U4dGBFPSSglIgUhRXdJSVlGBRgBIhRxUUNNTj6S0
Request Chain 181
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4232242844760825305
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJdVbsck1h6uv5F7rC_tcYQ&google_cver=1
Request Chain 186
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AABt9E7BKN0AADEs5oZmag&gdpr=0
Request Chain 187
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=1871878969834174420
Request Chain 188
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=0PFQedCkXHTL914s3qREK9L3UH3L8wop06XP_7iC
Request Chain 189
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2991395683 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
Request Chain 190
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=75dceddf9fb94857879a4914&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
Request Chain 233
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJRuWPBednFrO4SxEmtV.QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJRuWPBednFrO4SxEmtV-QAABL8AAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEA2PNrImugQRqTmq91R0kWM&google_cver=1
Request Chain 237
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJRuWPBednFrO4SxEmtV.QAA%261215 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJRuWPBednFrO4SxEmtV.QAA%261215
Request Chain 240
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YJRuWwAAziE1gwA4 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJRuWwAAziE1gwA4&_test=YJRuWwAAziE1gwA4
Request Chain 255
  • https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F
Request Chain 256
  • https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F
Request Chain 257
  • https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314163&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314163&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1
Request Chain 350
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJRuWPBednFrO4SxEmtV.QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
Request Chain 352
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1
Request Chain 353
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJRuWPBednFrO4SxEmtV.QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHQyjAGz0LZo1t5l9TNDPWA&google_cver=1
Request Chain 355
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAxNjY2MDcxNjgzNTAyMjk0OQ%3D%3D
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJdVbsck1h6uv5F7rC_tcYQ&google_cver=1
Request Chain 357
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc5NmY4MTgtZjUxNC0yODZjLWQzYjItMmY0MGZjZjE4NGJh
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESELww_5Cj2g5ax0hLQB2_KNM&google_cver=1
Request Chain 359
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjVmYmIwYjYtNmI3Yi00MTA4LTgxYWEtZjNkM2E3NmQyMzll
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEHUYlWBkhTxo9MmkIkVwCPQ&google_cver=1
Request Chain 371
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMJyj7MzyqFrfhhI3Y0-SEo&google_cver=1&google_push=AQvitUK2G0toPXfq6RhdX9u0cUA_ZByyzI5QVWWa9mJwscZiK-9WTk_7_1fo_7IelDheCxwEdKKh3163A6z3p0JWQq06SMmZmw HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUK2G0toPXfq6RhdX9u0cUA_ZByyzI5QVWWa9mJwscZiK-9WTk_7_1fo_7IelDheCxwEdKKh3163A6z3p0JWQq06SMmZmw&google_hm=L2MXPv8Q3y8AaJyG0ZTfMw
Request Chain 372
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEBFbeyXhXcE0k0ygwhX8nUw&google_cver=1&google_push=AQvitUKm1zF9pC_sftsfwIwPMsQY_OG5ebFWNHmEQzZ64_uAkz13FSw3ZtDWgxBXqIdxV7966ODFdVHSXyf5snMFNCUu9nONL5k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AQvitUKm1zF9pC_sftsfwIwPMsQY_OG5ebFWNHmEQzZ64_uAkz13FSw3ZtDWgxBXqIdxV7966ODFdVHSXyf5snMFNCUu9nONL5k
Request Chain 373
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF6X8Ig1r1SJEjQNA1m-gTY&google_cver=1&google_push=AQvitUIfRj8sKbBpBG8Tvypt4pGpFtaMBGefRG7ptjJpijLEz2NWh-YfK7R7l79nmwKNEccqNaMaRFRTDY4qqN8A_ttx_fkrhtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzMjI0Mjg0NDc2MDgyNTMwNQ&google_push=AQvitUIfRj8sKbBpBG8Tvypt4pGpFtaMBGefRG7ptjJpijLEz2NWh-YfK7R7l79nmwKNEccqNaMaRFRTDY4qqN8A_ttx_fkrhtM
Request Chain 374
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEM2CTAjyxc1x-S6m2jTVVAY&google_cver=1&google_push=AQvitUIcX0n7YKjqg1mD_zD6jSnBipC7Xn0brDXeho-qCMgyZqQHIhQHvkPyUTWo2AZ_Va6vS5qdmREyPqj3DP7dA2tU-LmsaXM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUIcX0n7YKjqg1mD_zD6jSnBipC7Xn0brDXeho-qCMgyZqQHIhQHvkPyUTWo2AZ_Va6vS5qdmREyPqj3DP7dA2tU-LmsaXM&google_hm=QXRhdWJtZWxrNWxYbDBvU1dXX1RHNHc=
Request Chain 375
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEE9sfYnE2PVsE8N53GKM0zk&google_cver=1&google_push=AQvitULJC3CHV9PTTpVpjdXIpMJPJ3hA7c-PJbupLklMJ7coNx9_99ycBsKe3pDleS1SQn0P8-tilu4Kj6k3i9KjCIk461QzTA HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEE9sfYnE2PVsE8N53GKM0zk&google_push=AQvitULJC3CHV9PTTpVpjdXIpMJPJ3hA7c-PJbupLklMJ7coNx9_99ycBsKe3pDleS1SQn0P8-tilu4Kj6k3i9KjCIk461QzTA&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitULJC3CHV9PTTpVpjdXIpMJPJ3hA7c-PJbupLklMJ7coNx9_99ycBsKe3pDleS1SQn0P8-tilu4Kj6k3i9KjCIk461QzTA&google_hm=NF8yXzhWQ042bEtnaUctTzEtREs=
Request Chain 376
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEG0Z1JNwo2w3xAkVAk6qiqI&google_cver=1&google_push=AQvitUJt-Wf1IX_O_DFz369E6YjY7DWFef9N43OVkodu3ftE-OJo51guz0Y-1wgY2dEh9VBfmnnddbIxHbO8BQXnnpEoqdxNPHY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=44601a8f367ae8378395&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJt-Wf1IX_O_DFz369E6YjY7DWFef9N43OVkodu3ftE-OJo51guz0Y-1wgY2dEh9VBfmnnddbIxHbO8BQXnnpEoqdxNPHY
Request Chain 377
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBYY8hhxWfTCos8mSCxmCjs&google_cver=1&google_push=AQvitUJqyH-sMC5BNndguuIchfEr5z8nGCxlZcAXpZnZqJe8tOQk2AiQYiueuvFVzXFHVAjr0QJFoOBs8lDc0GN5CDF8DFOb5IE1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJqyH-sMC5BNndguuIchfEr5z8nGCxlZcAXpZnZqJe8tOQk2AiQYiueuvFVzXFHVAjr0QJFoOBs8lDc0GN5CDF8DFOb5IE1&google_hm=MjA0MDA4NzkxODUxMTE0MzU5Nw==
Request Chain 394
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEC0DaOqeAtiF7EcIbY97wLw&google_cver=1&google_push=AQvitUIef9NxKmLI-C51ViZo6A6jA8CSH_y6jofV-TvWOZztljBAINOTMGM9fkw50pUoItALaihpKN90e1EQ1VWU96wIW19jCmY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUIef9NxKmLI-C51ViZo6A6jA8CSH_y6jofV-TvWOZztljBAINOTMGM9fkw50pUoItALaihpKN90e1EQ1VWU96wIW19jCmY
Request Chain 395
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBM8Wm-xGmwpDsdpDyCKkKw&google_cver=1&google_push=AQvitUL9ghE7DUMyK5GQ851BxwWKNQ_SWusiMvBh8kjRmRuPz6O7dJdo1hyY9P88p8j9uex1UpUjQ1gMWBYKwyZN6HHY4jKaiw HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBM8Wm-xGmwpDsdpDyCKkKw&google_cver=1&google_push=AQvitUL9ghE7DUMyK5GQ851BxwWKNQ_SWusiMvBh8kjRmRuPz6O7dJdo1hyY9P88p8j9uex1UpUjQ1gMWBYKwyZN6HHY4jKaiw&prevuid=03030001_60946e5b95784&knw=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUL9ghE7DUMyK5GQ851BxwWKNQ_SWusiMvBh8kjRmRuPz6O7dJdo1hyY9P88p8j9uex1UpUjQ1gMWBYKwyZN6HHY4jKaiw&google_hm=MDMwMzAwMDFfNjA5NDZlNWJhMGNlYg%3D%3D
Request Chain 396
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGCWUpvvCsodkO3er16m97s&google_cver=1&google_push=AQvitUKI0o2n7272osiomacsCSOPhhE4YMk9c2h-0fxaHkN1P4HwIwfEwqxMeeyZCjvAjnj7LPssIjk12HyEbDWVZTVMHR4uiuA HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGCWUpvvCsodkO3er16m97s&google_cver=1&google_push=AQvitUKI0o2n7272osiomacsCSOPhhE4YMk9c2h-0fxaHkN1P4HwIwfEwqxMeeyZCjvAjnj7LPssIjk12HyEbDWVZTVMHR4uiuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKI0o2n7272osiomacsCSOPhhE4YMk9c2h-0fxaHkN1P4HwIwfEwqxMeeyZCjvAjnj7LPssIjk12HyEbDWVZTVMHR4uiuA
Request Chain 397
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUJGZr20-WPsxEt0Jm1C9ZOnepZYTe1YepDJc9SFT4NBWDvIH2vV_nNAOXAJWbuviia-K07qcKhAfUl4LQoQ_5sfwD0_bg%26google_hm%3D%5BUID%5D&google_gid=CAESEIrI2qW8VVyTqwM-bunLlcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJGZr20-WPsxEt0Jm1C9ZOnepZYTe1YepDJc9SFT4NBWDvIH2vV_nNAOXAJWbuviia-K07qcKhAfUl4LQoQ_5sfwD0_bg&google_hm=1d72639a-28ea-43a4-9c45-a45ddcd9c5bf
Request Chain 398
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEF1SVWgMZ44sDJtutDFLVPg&google_cver=1&google_push=AQvitUJ2jhgj8G9ssfLa1I3T1bGwiyI83Z62MtZ1491AB4ThqO2LaGfOOzF7ClEUQFKDEpmzHtHosSFxrACWfGagAZSe2tuBdA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJ2jhgj8G9ssfLa1I3T1bGwiyI83Z62MtZ1491AB4ThqO2LaGfOOzF7ClEUQFKDEpmzHtHosSFxrACWfGagAZSe2tuBdA&google_hm=NTkxMDg1NTg0OTc0ODY3MDM3NQ%3D%3D
Request Chain 399
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESECYg2wfmhnGsRI5AK-vEWXU&google_cver=1&google_push=AQvitULqHwCZYRztg_9vC5SAHz8snDCLLDWMS0MxoZm5Cdjye5IilFeNlKKbdAxHonmgbQEFTuYpkKlxsudD4nvTbxn_vJG-R7G9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ODA4YTk0NWItNjhkMC00MzgzLWJhOWUtYTRhNGE1YTNjMzZj&google_push=AQvitULqHwCZYRztg_9vC5SAHz8snDCLLDWMS0MxoZm5Cdjye5IilFeNlKKbdAxHonmgbQEFTuYpkKlxsudD4nvTbxn_vJG-R7G9
Request Chain 400
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBYY8hhxWfTCos8mSCxmCjs&google_cver=1&google_push=AQvitUJT5NKmsiiT_bzy-Cvn1B7CRjx0w4ffcLF1i8DaZ0tyzZQSJYceCVOvbc_VE0pE9YP_4KAWhQkCAXNRjuQrNjo81jTja-s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJT5NKmsiiT_bzy-Cvn1B7CRjx0w4ffcLF1i8DaZ0tyzZQSJYceCVOvbc_VE0pE9YP_4KAWhQkCAXNRjuQrNjo81jTja-s&google_hm=MjA0MDA4NzkxODUxMTE0MzU5Nw==
Request Chain 405
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMwz4Ad2ZwbRzNYZ51LpNC0&google_cver=1&google_push=AQvitUKpSDyRiH_rM8XQWMyMd8sxwcFR1ZXLso-VYDCXv6hqpGDJefAJ_uTsI2Pffvvol2y08s4m3jM0-sHAaJeQm3EeiLhuJa_K HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKpSDyRiH_rM8XQWMyMd8sxwcFR1ZXLso-VYDCXv6hqpGDJefAJ_uTsI2Pffvvol2y08s4m3jM0-sHAaJeQm3EeiLhuJa_K&google_hm=vHLmyHjsQ-CqT0FwIYL8yFQ
Request Chain 407
  • https://a.c.appier.net/gcm?google_gid=CAESELSuw8SPRz7ORIOg3YPncc4&google_cver=1&google_push=AQvitUJ3sC7oWwsu1FYhkFVTuv-q65WRnSRUhZBk964xW3cy-onDt_Qo34mKSjDy6BN_usCrdlHXMd4wDYcQWJKtVp2EvQRrP9Ax HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TkR2VDZ1VEtBUS1BNncxd1htNlVZQQ%3D%3D&google_push=AQvitUJ3sC7oWwsu1FYhkFVTuv-q65WRnSRUhZBk964xW3cy-onDt_Qo34mKSjDy6BN_usCrdlHXMd4wDYcQWJKtVp2EvQRrP9Ax
Request Chain 408
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGCWUpvvCsodkO3er16m97s&google_cver=1&google_push=AQvitUKFVVA5Iqthk1QF1gjwgqzo53i6RMSFzvZXSNuyAbuWqFJvKLIEnfXW78vLtPgE6m2EdxLeUa8rRnRu0QjtT4LWTE-nzkT3 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGCWUpvvCsodkO3er16m97s&google_cver=1&google_push=AQvitUKFVVA5Iqthk1QF1gjwgqzo53i6RMSFzvZXSNuyAbuWqFJvKLIEnfXW78vLtPgE6m2EdxLeUa8rRnRu0QjtT4LWTE-nzkT3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKFVVA5Iqthk1QF1gjwgqzo53i6RMSFzvZXSNuyAbuWqFJvKLIEnfXW78vLtPgE6m2EdxLeUa8rRnRu0QjtT4LWTE-nzkT3
Request Chain 409
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGU_8k2ZRJ_GCo5K6wLP8hU&google_cver=1&google_push=AQvitUKPoqloJauXGq6ZMWCVg8Xv-xRU1dqKNq1vvWSXcJH72Zt4V6ZrL3k0qTm6VApOnCsf0XHWs9kU478OpPPYyAy7b5F4JDkj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ER1NBUlgtMVAtSFQzNQ==&google_push=AQvitUKPoqloJauXGq6ZMWCVg8Xv-xRU1dqKNq1vvWSXcJH72Zt4V6ZrL3k0qTm6VApOnCsf0XHWs9kU478OpPPYyAy7b5F4JDkj
Request Chain 410
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGoowKIWkiCHEUJq6IzmpxM&google_cver=1&google_push=AQvitUIuFpdaxEUCLJ7u__wuDZoBzC26DfBtjOnWbnLJ9juTh9gEU9CHcrUghg9cFQ9juYiYMFqw1LFsTdTuwag77ZNcE6vPzR0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=czAwRG5WZDdGWA==&google_push=AQvitUIuFpdaxEUCLJ7u__wuDZoBzC26DfBtjOnWbnLJ9juTh9gEU9CHcrUghg9cFQ9juYiYMFqw1LFsTdTuwag77ZNcE6vPzR0
Request Chain 411
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESECHuog64XLYRtOyCGyZ_YlU&google_cver=1&google_push=AQvitUJVvNESFk3HhjWAo1qR3jsQ4MffE3LQCVB6FBJRNct3_j97Z_vRt9suH9fNmKKJOQgh-9Rhq500uABz0HLqGnZIEFV6vyaR HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Dc4248c1f-ddb3-4721-87ab-f9366f79baf9%26google_push%3DAQvitUJVvNESFk3HhjWAo1qR3jsQ4MffE3LQCVB6FBJRNct3_j97Z_vRt9suH9fNmKKJOQgh-9Rhq500uABz0HLqGnZIEFV6vyaR&ssp=googlevid&exu=CAESECHuog64XLYRtOyCGyZ_YlU HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=c4248c1f-ddb3-4721-87ab-f9366f79baf9&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Dc4248c1f-ddb3-4721-87ab-f9366f79baf9%26google_push%3DAQvitUJVvNESFk3HhjWAo1qR3jsQ4MffE3LQCVB6FBJRNct3_j97Z_vRt9suH9fNmKKJOQgh-9Rhq500uABz0HLqGnZIEFV6vyaR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=c4248c1f-ddb3-4721-87ab-f9366f79baf9&google_push=AQvitUJVvNESFk3HhjWAo1qR3jsQ4MffE3LQCVB6FBJRNct3_j97Z_vRt9suH9fNmKKJOQgh-9Rhq500uABz0HLqGnZIEFV6vyaR
Request Chain 414
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECW7Z4wqyF9nIR8zUe4VcMw&google_cver=1&google_push=AQvitUJPAZF78dxOp1Zg6F7udBzEtAlQVEpK0h9OCcS07DryUGaeEhZsEFzvqeaFfbOgc5f1aoRp1JiQZv6mBdSMFhYie4lxz-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU2NjM1MDg4OTA2NjE1MzI2Nw== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECW7Z4wqyF9nIR8zUe4VcMw&google_cver=1
Request Chain 415
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBE9_TFYiXlqEtjL4dC52Wg&google_cver=1&google_push=AQvitUI2VJTEM_n7WAPljM1eBfFf00cRFg0gUJSsKpeUEDFBUmzig6fJ_hp9Xfuzd_zgKxyFbESVK-JRjx1Y6YwSdmwx2OESYsQ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBE9_TFYiXlqEtjL4dC52Wg&google_cver=1&google_push=AQvitUI2VJTEM_n7WAPljM1eBfFf00cRFg0gUJSsKpeUEDFBUmzig6fJ_hp9Xfuzd_zgKxyFbESVK-JRjx1Y6YwSdmwx2OESYsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a1lBRk82RXcxTEVNeG81&google_gid=CAESEBE9_TFYiXlqEtjL4dC52Wg&google_cver=1&google_push=AQvitUI2VJTEM_n7WAPljM1eBfFf00cRFg0gUJSsKpeUEDFBUmzig6fJ_hp9Xfuzd_zgKxyFbESVK-JRjx1Y6YwSdmwx2OESYsQ
Request Chain 416
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBM8Wm-xGmwpDsdpDyCKkKw&google_cver=1&google_push=AQvitUKKwgQFyXaM-fc3lYzMIIu_mzVBF_0Gnaorce41P-BbUCrFx_dwivp_4b8X4JkekX__qRrOb-9XrTEGtO0Q6nJAMzFxqSU HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBM8Wm-xGmwpDsdpDyCKkKw&google_cver=1&google_push=AQvitUKKwgQFyXaM-fc3lYzMIIu_mzVBF_0Gnaorce41P-BbUCrFx_dwivp_4b8X4JkekX__qRrOb-9XrTEGtO0Q6nJAMzFxqSU&prevuid=03030001_60946e5ba0ceb&knw=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKKwgQFyXaM-fc3lYzMIIu_mzVBF_0Gnaorce41P-BbUCrFx_dwivp_4b8X4JkekX__qRrOb-9XrTEGtO0Q6nJAMzFxqSU&google_hm=MDMwMzAwMDFfNjA5NDZlNWJhMGNlYg%3D%3D
Request Chain 417
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMfFMrCPUj4VFGnkULWK32c&google_cver=1&google_push=AQvitUJXpDtM7yHsR1kvol9Jm9c4JhmMjBjfRiYJbGkMV1M4OkGOs8cNH8m5zJPn3rTh-ReuuTytWS9SyiH8F1-WnL7l_B617Oo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tHB46TA1RBN1CogKdmN081uEiFQ&google_push=AQvitUJXpDtM7yHsR1kvol9Jm9c4JhmMjBjfRiYJbGkMV1M4OkGOs8cNH8m5zJPn3rTh-ReuuTytWS9SyiH8F1-WnL7l_B617Oo
Request Chain 418
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEENPyAwdtEjmQPd1igrN2u4&google_cver=1&google_push=AQvitUJBW84AHe3kewTZFsDrCMPOnSo8JHsgKVs5TNe73O3t0ETcv9EBjOrmwPX2Zq_F6dRbMzBcqfFSlai9K7BJW3RAoDwsQzM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=X3FZc1BuS3hfUk9C&google_ula=2046794&google_push=AQvitUJBW84AHe3kewTZFsDrCMPOnSo8JHsgKVs5TNe73O3t0ETcv9EBjOrmwPX2Zq_F6dRbMzBcqfFSlai9K7BJW3RAoDwsQzM
Request Chain 420
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBYY8hhxWfTCos8mSCxmCjs&google_cver=1&google_push=AQvitUKbM8WsbPKSp3JA2SJkEt5ZAm-3iN7A7MOaEq0SV94_OcOScijHEq5BPNQxNu6qPy6_dLmZhnTaaoPFYWDaOCXmEmlD1Mc2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUKbM8WsbPKSp3JA2SJkEt5ZAm-3iN7A7MOaEq0SV94_OcOScijHEq5BPNQxNu6qPy6_dLmZhnTaaoPFYWDaOCXmEmlD1Mc2&google_hm=MjA0MDA4NzkxODUxMTE0MzU5Nw==
Request Chain 449
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 451
  • https://r1---sn-1gieen7e.googlevideo.com/videoplayback?expire=1620369115&ei=W26UYOyIF8bBgQfJzoG4Bw&ip=91.132.136.84&id=beb4a4ad9bf4f2c9&itag=22&source=youtube&requiressl=yes&mh=M0&mm=31&mn=sn-1gieen7e&ms=au&mv=m&mvi=1&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=19.086&lmt=1619700667255134&mt=1620340133&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOFuWkhM6B00HgFYaBlYLbV8VImvrf6hjlqoSpkKSGnxAiEA-XVWV_n8hCGZyHzVcjjlPG5_wqD8ls2b0bpVglUTj5M=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgPzWUzlXI7Gkn01ok8JpBX9IHg1soyxbzsOL8CN0_uWMCIDTK1AzwueRabubznkjmGS-rt19C5JZcKBb8iLq17dxD&cpn=tASCC0TeQHF1peuk HTTP 302
  • https://r2---sn-4g5ednld.googlevideo.com/videoplayback?expire=1620369115&ei=W26UYOyIF8bBgQfJzoG4Bw&ip=91.132.136.84&id=beb4a4ad9bf4f2c9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=19.086&lmt=1619700667255134&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOFuWkhM6B00HgFYaBlYLbV8VImvrf6hjlqoSpkKSGnxAiEA-XVWV_n8hCGZyHzVcjjlPG5_wqD8ls2b0bpVglUTj5M=&cpn=tASCC0TeQHF1peuk&redirect_counter=1&rm=sn-1gies7e&req_id=a145b8df4e0136e2&cms_redirect=yes&ipbypass=yes&mh=M0&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednld&ms=au&mt=1620339894&mv=m&mvi=2&pl=50&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPL_xptUb2TLvos6D5xjKxPAQgGPgSz3EBwNJjV4Non5AiBFG1G-kmvXcwV2b0Dxd37t5UiX2MhLcTjediz5bsJnxg%3D%3D
Request Chain 462
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1514147791061770928
Request Chain 463
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBbXRFN0JLTjBBQUNfX0RUM3Eydw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABt9E7BKN0AADEs5oZmag&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=862809366025152390 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABt9E7BKN0AADEs5oZmag&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D862809366025152390%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=862809366025152390&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABt9E7BKN0AADEs5oZmag&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABt9E7BKN0AADEs5oZmag
Request Chain 464
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959308665611614348
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wLjcpkVES8a5X8eidrhIUg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 469
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 470
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&addseg=31
Request Chain 471
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4232242844760825305
Request Chain 472
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFnvxqKmN8vMjY9dRB3MP4I&google_cver=1
Request Chain 473
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d
Request Chain 474
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f34d6094-6e61-4400-b50c-3f9391941115&gdpr=0&gdpr_consent=
Request Chain 475
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9016660716835022949&gdpr=0&gdpr_consent=
Request Chain 477
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P4qJDi9E2uVxfTf36FrvIE_VbDDKJR8-~A&gdpr=0&gdpr_consent=
Request Chain 478
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji
Request Chain 479
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=910f06f5-f32a-411a-847a-5dfadff5bbd3&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=577306398175&expires=30&user_group=1&ssp=Pubmatic
Request Chain 480
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4566350889066153267&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 481
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJRuWwAAziE1gwA4&gdpr=0&gdpr_consent=
Request Chain 482
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3095a883-14ee-46de-a205-c1fc460e4adf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 484
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=3bca5b9b-e212-4741-b3b1-79260df8c15d-60946e5c-4348&gdpr=0&gdpr_consent=
Request Chain 552
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNN HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ATQUfFnu1WztKuaEE2IGfsn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4370208921288564982
Request Chain 553
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ER1NBUlgtMVAtSFQzNQ==&us_privacy=1YNN
Request Chain 554
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=84d46094-6e61-4c00-8fbb-699479726b69
Request Chain 556
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJRuWwAAziE1gwA4&us_privacy=1YNN
Request Chain 557
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1YNN HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KODGSARX-1P-HT35&sigv=1&esig=2~0c36b833d7b4177d0c8fc526ff8087ed44db7392&us_privacy=1YNN
Request Chain 558
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTEzNzdjNzc3YWJkNzQ2MjU4ODg3Y2JhMmM5MTQwYTMwZjliMWExMQ&us_privacy=1YNN
Request Chain 562
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8632975931 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
Request Chain 563
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=BTsXeaJtpCtTTSyY7ypCWw2n
Request Chain 565
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 566
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 567
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=UooWvvXuhaFT&pid=557219
Request Chain 568
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 569
  • https://pixel.onaudience.com/?partner=214&mapped=C0B8DCA6-4544-4BC6-B95F-C7A276B84852 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=8907b3e4e0470fbc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fc5091d7-b5c5-4a0f-5bcb-b45c6c516076&reqId=f6ed399e-2e51-4b1d-4103-e7de95b209a7&zcluid=8907b3e4e0470fbc&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fc5091d7-b5c5-4a0f-5bcb-b45c6c516076&reqId=f6ed399e-2e51-4b1d-4103-e7de95b209a7&zcluid=8907b3e4e0470fbc&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENdGeAPejHuFgdlkSIeviD4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fc5091d7-b5c5-4a0f-5bcb-b45c6c516076&reqId=f6ed399e-2e51-4b1d-4103-e7de95b209a7&zcluid=8907b3e4e0470fbc&zdid=1332
Request Chain 570
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
Request Chain 571
  • https://loadm.exelator.com/load/?p=204&g=71&buid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 572
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzBCOERDQTYtNDU0NC00QkM2LUI5NUYtQzdBMjc2Qjg0ODUy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 573
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3005018923156814124
Request Chain 574
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
Request Chain 591
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=75dceddf9fb94857879a4914/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=75dceddf9fb94857879a4914/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=570137fbd57db8fc31612670fa0c36ce&gdpr=0&gdpr_consent=
Request Chain 592
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NzVkY2VkZGY5ZmI5NDg1Nzg3OWE0OTE0 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting
Request Chain 593
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=yk5KnuSNyFBd&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 594
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=3005018923156814124&gdpr=0&gdpr_consent=
Request Chain 596
  • https://um.simpli.fi/lj_match?r=1620340322135&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=92A3FB32CF24423295B57FEF7DADC14C
Request Chain 597
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348&gdpr=0&gdpr_consent=
Request Chain 598
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NzVkY2VkZGY5ZmI5NDg1Nzg3OWE0OTE0
Request Chain 599
  • https://ums.acuityplatform.com/tum?umid=27&uid=75dceddf9fb94857879a4914&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=577306398447
Request Chain 600
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=reLeMpMclYqpO0dbclZB&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Request Chain 604
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=KODGSI2V-1S-AOYY&gdpr=0
Request Chain 605
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=75dceddf9fb94857879a4914&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
Request Chain 606
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=KODGSI2V-1S-AOYY&gdpr=0
Request Chain 607
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=19f1618b-fd29-4fd8-9321-db36db1f52b1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk283b88e3-c228-40ed-a42f-850e5680a19b&expires=7&user_group=5&ssp=fmx&bsw_param=19f1618b-fd29-4fd8-9321-db36db1f52b1 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=19f1618b-fd29-4fd8-9321-db36db1f52b1
Request Chain 608
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 611
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Request Chain 612
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=4271185589018318154&gdpr=0&gdpr_consent=
Request Chain 614
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=3005018923156814124
Request Chain 615
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2ec6d0c9-dee6-42bb-8480-72adfb575022&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2ec6d0c9-dee6-42bb-8480-72adfb575022&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5197838155464045137&ssp=gumgum2 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=19f1618b-fd29-4fd8-9321-db36db1f52b1
Request Chain 616
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28oXeZ44Hb-1X3rVLjfMJ_f567piNoixkJHYP8p0g0DmnPPIeBC86EPofXGBpnLokf%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28oXeZ44Hb-1X3rVLjfMJ_f567piNoixkJHYP8p0g0DmnPPIeBC86EPofXGBpnLokf%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_2ec6d0c9-dee6-42bb-8480-72adfb575022&obuid=ENC(oXeZ44Hb-1X3rVLjfMJ_f567piNoixkJHYP8p0g0DmnPPIeBC86EPofXGBpnLokf) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=oXeZ44Hb-1X3rVLjfMJ_f567piNoixkJHYP8p0g0DmnPPIeBC86EPofXGBpnLokf HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=oXeZ44Hb-1X3rVLjfMJ_f567piNoixkJHYP8p0g0DmnPPIeBC86EPofXGBpnLokf
Request Chain 617
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=ddd9c951-e825-0ca0-32ac-690a3b8e7bb4
Request Chain 618
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-128a0db3-6ccc-4ba7-6422-fa136f425730$ip$91.132.136.84
Request Chain 619
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-xtoBfWRE2pfHDg8wUeeETnEohv9V0iF38jwv~A
Request Chain 620
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=e1a06f38-aeba-11eb-bc02-c149ea2be043
Request Chain 624
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=aabe7e09-fbbe-4f42-b8da-afaf14bbc01d
Request Chain 625
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8502742850 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/22fe8aa1-4f8a-4049-8a52-8b2373e884a9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4f743916-283d-4466-931d-bfbcacf76400-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-4f743916-283d-4466-931d-bfbcacf76400-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4f743916-283d-4466-931d-bfbcacf76400-003
Request Chain 626
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=yk5KnuSNyFBd&ev=1&pid=558355
Request Chain 628
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
Request Chain 629
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YJRuYgAAxwC5uwAC HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YJRuYgAAxwC5uwAC&gdpr=0&gdpr_consent=&_test=YJRuYgAAxwC5uwAC
Request Chain 633
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=22fe8aa1-4f8a-4049-8a52-8b2373e884a9&t=1622932322
Request Chain 635
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YJRua8Co5ucAAL3g7O0AAAAA
Request Chain 637
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=reLeMpMclYqpO0dbclZB&pi=gumgum&tc=1
Request Chain 639
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
Request Chain 640
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=5RtlfeVOanv-Hmwv50pxf7ESay_-Tm9x4hJtgty3
Request Chain 641
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3376588916070258701
Request Chain 644
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPJlx9moQMKuPzvSg17di-s&google_cver=1
Request Chain 650
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJZb53_1D563pdXQYHOPwLg&google_cver=1
Request Chain 652
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5197838155464045137
Request Chain 654
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5717983315047178940
Request Chain 655
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=22fe8aa1-4f8a-4049-8a52-8b2373e884a9
Request Chain 656
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
Request Chain 657
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3005018923156814124&gdpr=0&gdpr_consent=
Request Chain 658
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO
Request Chain 659
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=6ba30be7-7b05-4d44-9517-42e5dbcb82af&ssp=pubmatic&user_group=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19f1618b-fd29-4fd8-9321-db36db1f52b1&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 660
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTlJFN0JLTjBBQURITERUM3Eydw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACNRE7BKN0AADHLDT3q2w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACNRE7BKN0AADHLDT3q2w&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACNRE7BKN0AADHLDT3q2w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4186993798339832025 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNRE7BKN0AADHLDT3q2w
Request Chain 661
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959308699979610263
Request Chain 662
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c9667447-5839-47b1-b2bd-e0735b0c1038&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 663
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348&gdpr=0&gdpr_consent=
Request Chain 665
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2986547117 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/22fe8aa1-4f8a-4049-8a52-8b2373e884a9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4f743916-283d-4466-931d-bfbcacf76400-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-4f743916-283d-4466-931d-bfbcacf76400-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4f743916-283d-4466-931d-bfbcacf76400-003
Request Chain 666
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mJcndMYPjPKMJbAaaRGKWw2o
Request Chain 667
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3005018923156814124
Request Chain 669
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 670
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
Request Chain 671
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 672
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=yk5KnuSNyFBd&pid=557219
Request Chain 673
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 675
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PRaosmsOQse0CZd1aO6Tzw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 678
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3D16A8B2-6B0E-42C7-B409-977568EE93CF&gdpr= HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3D16A8B2-6B0E-42C7-B409-977568EE93CF&addseg=31
Request Chain 679
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0QxNkE4QjItNkIwRS00MkM3LUI0MDktOTc3NTY4RUU5M0NG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 681
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3D16A8B2-6B0E-42C7-B409-977568EE93CF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PDlO9rZE2uWC5hRYtgNrOokZG3_sa4I-~A&gdpr=0&gdpr_consent=
Request Chain 682
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4271185589018318154&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 683
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJRuYgAAxwC5uwAC&gdpr=0&gdpr_consent=
Request Chain 693
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 694
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:XoKneRYm1LEMxo5&gdpr=0&gdpr_consent=
Request Chain 695
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EooNs2zMS6dkIvoTb0JXMFuEiFQ
Request Chain 697
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:92A3FB32CF24423295B57FEF7DADC14C
Request Chain 699
  • https://pixel.onaudience.com/?partner=214&mapped=3D16A8B2-6B0E-42C7-B409-977568EE93CF HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=a781b521c9eb9b04
Request Chain 700
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
Request Chain 702
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e1a06f38-aeba-11eb-bc02-c149ea2be043&gdpr=0&gdpr_consent=
Request Chain 703
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CtziRW26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpwJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3TTlOBQtb5TpN4CYdAoCyczjN0pzLjex9reYwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaaCaQBaHR0cHM6Ly93d3cuaW50ZXJkaXNjb3VudC5jaC9kZS9tb2JpbHRlbGVmb24tdGFibGV0LXdlYXJhYmxlcy9tb2JpbHRlbGVmb24vbW9iaWx0ZWxlZm9uZS0tYzQxMTAwMC9zYW1zdW5nLWdhbGF4eS1hNTEtNi01LTEyOC1nYi00OC1tcC1wcmlzbS1jcnVzaC1ibGFjay0tcDAwMDIxMDk5OTKxCYAwQivRJz32gAoDyAsB0AsO4AsBuAwB2BMN0BUB4hYCCAGAFwE&num=1&sig=AOD64_1gOUVVu_trY5ZtTaBdQqc-I6N4sA&client=ca-pub-7379978810940306&adurl=http://clickserve.dartsearch.net/link/click%3F%26ds_a_cid%3D85922208%26ds_a_caid%3D12897681005%26ds_a_agid%3D118933470662%26ds_a_fiid%3D%26ds_a_lid%3D%26%26ds_e_adid%3D518055251970%26ds_e_matchtype%3Dcontent%26ds_e_device%3Dc%26ds_e_network%3Dvp%26%26ds_url_v%3D2%26ds_dest_url%3Dhttps://www.interdiscount.ch/de/mobiltelefon-tablet-wearables/mobiltelefon/mobiltelefone--c411000/samsung-galaxy-a51-6-5-128-gb-48-mp-prism-crush-black--p0002109992%3Fgclsrc%3Daw.ds%26&ctype=110&label=video_10s_engaged_view&ad_mt=10198&acvw=sv%3D894%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26p0%3D585,516,838,966%26p1%3D585,516,838,966%26p2%3D585,516,838,966%26tos%3D10727,0,0,0,0%26mtos%3D10727,10727,10727,10727,10727%26amtos%3D0,0,0,0,0%26mtos1%3D5478,0,0%26mtos2%3D4752,0,0%26mcvt%3D10727%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10727%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2599%26pst%3D554%26dur%3D19017%26vmtime%3D10198%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D497,497,497,497,497%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1620340327088%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10727%26ss0%3D0.05%26ss1%3D0.05%26ss2%3D0.05&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.05%26t%3D1620340315545 HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=C7Pc9W26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpwJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3TTlOBQtb5TpN4CYdAoCyczjN0pzLjex9reYwATG-_KHuwPgBAHABW6gBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaaCaQBaHR0cHM6Ly93d3cuaW50ZXJkaXNjb3VudC5jaC9kZS9tb2JpbHRlbGVmb24tdGFibGV0LXdlYXJhYmxlcy9tb2JpbHRlbGVmb24vbW9iaWx0ZWxlZm9uZS0tYzQxMTAwMC9zYW1zdW5nLWdhbGF4eS1hNTEtNi01LTEyOC1nYi00OC1tcC1wcmlzbS1jcnVzaC1ibGFjay0tcDAwMDIxMDk5OTKxCYAwQivRJz32gAoDyAsB0AsO4AsBuAwB2BMN0BUB4hYCCAGAFwE&num=1&client=ca-pub-7379978810940306&ctype=110&label=video_10s_engaged_view&ad_mt=10198&acvw=sv%3D894%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26p0%3D585,516,838,966%26p1%3D585,516,838,966%26p2%3D585,516,838,966%26tos%3D10727,0,0,0,0%26mtos%3D10727,10727,10727,10727,10727%26amtos%3D0,0,0,0,0%26mtos1%3D5478,0,0%26mtos2%3D4752,0,0%26mcvt%3D10727%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10727%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2599%26pst%3D554%26dur%3D19017%26vmtime%3D10198%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D497,497,497,497,497%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1620340327088%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10727%26ss0%3D0.05%26ss1%3D0.05%26ss2%3D0.05&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.05%26t%3D1620340315545&cid=CAQSKQCNIrLMkp2WXD4qRRUy7qT7TLrqNfQegCHIoHm35-XLKBTL7Jq_gigV&dblrd=1&val=ChAyMjQ2M2M0YzBhYzgwMDUxEODc0YQGGgjUxXwugXKkKSABKAE&sig=AOD64_3NjH91dIglQBq2OaMYlvQwfWiZUQ&adurl=http://clickserve.dartsearch.net/link/click%3F%26ds_a_cid%3D85922208%26ds_a_caid%3D12897681005%26ds_a_agid%3D118933470662%26ds_a_fiid%3D%26ds_a_lid%3D%26%26ds_e_adid%3D518055251970%26ds_e_matchtype%3Dcontent%26ds_e_device%3Dc%26ds_e_network%3Dvp%26%26ds_url_v%3D2%26ds_dest_url%3Dhttps://www.interdiscount.ch/de/mobiltelefon-tablet-wearables/mobiltelefon/mobiltelefone--c411000/samsung-galaxy-a51-6-5-128-gb-48-mp-prism-crush-black--p0002109992%3Fgclsrc%3Daw.ds%26

708 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
webmaila.mybluelight.com/ 		458 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
http://webmaila.mybluelight.com/
Protocol
HTTP/1.1
Server
64.136.53.59 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
webmail.vgs.mybluelight.com
Software
Apache /
Resource Hash
fac315f36acbafe16ba7f6700cb28dd13be5b5624176cc2a5b40a61db63f0cd5

Request headers

Host
webmaila.mybluelight.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:46 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache, no-store
X-User
P3P
policyref="http://www.mybluelight.com/common/w3c/bluelight.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Keep-Alive
timeout=60, max=1000
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
Primary Request Cookie set sp.do
start.mybluelight.com/start/
Redirect Chain
  • http://start.mybluelight.com/start/sp.do?cf=EOW
  • https://start.mybluelight.com/start/sp.do?cf=EOW
56 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/start/sp.do?cf=EOW
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
/
Resource Hash
36e801960d2570c3570d1efdef631b93f48a7692daf0c7b4543f2fbbc86fe94a

Request headers

Host
start.mybluelight.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://webmaila.mybluelight.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; wsessionid=FB3526C3AB012E95D19E87BD77278C12|86400|1620426708
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://webmaila.mybluelight.com/

Response headers

Date
Thu, 06 May 2021 22:31:49 GMT
Server
Pragma
no-cache
Cache-Control
no-cache,post-check=0,pre-check=0
Expires
0
P3P
policyref="http://start.mybluelight.com/common/w3c/bluelight.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Content-Type
text/html;charset=ISO-8859-1
Content-Language
en-US
Set-Cookie
usprivacy=1YNN; Max-Age=31536000; Expires=Fri, 06-May-2022 22:31:49 GMT; Domain=mybluelight.com; Path=/ wsessionid=FB3526C3AB012E95D19E87BD77278C12|86400|1620426709 cf=EOW; Domain=mybluelight.com; Path=/ switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; Max-Age=1261440000; Expires=Tue, 26-Apr-2061 22:31:49 GMT; Domain=mybluelight.com; Path=/ wsessionid=; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Domain=mybluelight.com; Path=/ tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; Domain=mybluelight.com; Path=/ switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0; Max-Age=1261440000; Expires=Tue, 26-Apr-2061 22:31:49 GMT; Domain=start.mybluelight.com; Path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
16011

Redirect headers

Date
Thu, 06 May 2021 22:31:47 GMT
Server
Location
https://start.mybluelight.com/start/sp.do?cf=EOW
Set-Cookie
JSESSIONID=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; Path=/start; HttpOnly wsessionid=FB3526C3AB012E95D19E87BD77278C12|86400|1620426708
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
20
Content-Type
text/html
bootstrap.min.css
start.mybluelight.com/redesign/common/css/ 		99 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/redesign/common/css/bootstrap.min.css?v=42606
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
11c74aed50911d54c04455fe1d9c04f42c5f6cf438a94976f890f25f2a59f699

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Oct 2014 05:19:27 GMT
Server
Apache
ETag
"18cdb-50674ca8155c0"
Content-Type
text/css
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
17247
Expires
Fri, 01 Apr 2022 22:31:49 GMT
common-redesign.css
start.mybluelight.com/redesign/common/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/redesign/common/css/common-redesign.css?v=50388
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
530a7ec85c99a87c16767bea53210c18c3ec6c45449c931931276271d5b58bbc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Mar 2018 10:13:07 GMT
Server
Apache
ETag
"5982-566f809ddb2c0"
Content-Type
text/css
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
4945
Expires
Fri, 01 Apr 2022 22:31:49 GMT
sp-redesign.css
start.mybluelight.com/static/start/view/common/css/ 		44 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/static/start/view/common/css/sp-redesign.css?v=46787
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
1bc13a75564c6146f9ecde68e8ce49a345d225fdf663c8486dad373e06d5fcd8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Feb 2021 05:20:02 GMT
Server
Apache
ETag
"b16b-5bb957ccec480"
Content-Type
text/css
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
9651
Expires
Fri, 01 Apr 2022 22:31:49 GMT
mobile-detect.min.js
start.mybluelight.com/static/start/view/common/js/ 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/static/start/view/common/js/mobile-detect.min.js
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
6ba6cfb901156845a6d571c65a55728e59509155f4c05f49a9fc42c2682ee367

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2015 10:37:38 GMT
Server
Apache
ETag
"8b85-51ed55f392080"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
14933
Expires
Fri, 01 Apr 2022 22:31:49 GMT
jquery-1.12.3.min.js
start.mybluelight.com/redesign/common/js/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/redesign/common/js/jquery-1.12.3.min.js
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
e7d49cca61290be8f37223db523fef0f0b39fc9f894f75143c8784077fde395d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jan 2018 04:08:39 GMT
Server
Apache
ETag
"17b9b-561ff9a6ddfc0"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
33793
Expires
Fri, 01 Apr 2022 22:31:49 GMT
sp-redesign.js
start.mybluelight.com/static/start/view/common/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/static/start/view/common/js/sp-redesign.js
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
1db969871c252b37b3b7e5e5e37289a810a1c50cde47c2baf91239acb35f7fd4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2017 05:23:18 GMT
Server
Apache
ETag
"3625-54ae6600dbd80"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
4675
Expires
Fri, 01 Apr 2022 22:31:49 GMT
global.js
start.mybluelight.com/static/start/view/common/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/static/start/view/common/js/global.js
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
9365d1378568455d4ceacb9d6ca1699bb3318d564d46ba2f9d2acf683ab35440

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Aug 2018 04:30:23 GMT
Server
Apache
ETag
"2281-572d0da3195c0"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
3021
Expires
Fri, 01 Apr 2022 22:31:49 GMT
common-redesign.js
start.mybluelight.com/redesign/common/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/redesign/common/js/common-redesign.js?v=2345
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
293a55ecf8395b41ce9f3520d72cfc943bf09807aac64595855a8a380f76f19e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Jan 2019 03:46:52 GMT
Server
Apache
ETag
"235b-57f268ba6c300"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
2679
Expires
Fri, 01 Apr 2022 22:31:49 GMT
jquery.bxslider.min.js
start.mybluelight.com/redesign/common/js/vendor/ 		37 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/redesign/common/js/vendor/jquery.bxslider.min.js
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
b9517f28fb51171cbcace1fbc240edbaa95a935aa6eede6379f6d1d0057e8857

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 May 2017 04:44:19 GMT
Server
Apache
ETag
"9517-54fc50eccaec0"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
7063
Expires
Fri, 01 Apr 2022 22:31:49 GMT
jquery.bxslider.min.css
start.mybluelight.com/redesign/common/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/redesign/common/css/jquery.bxslider.min.css
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
bec558803cf18dc8e707f1c98a5d6903988dd250ae909ec27b37bdd2114a16d6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 May 2017 04:44:19 GMT
Server
Apache
ETag
"e41-54fc50eccaec0"
Content-Type
text/css
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
911
Expires
Fri, 01 Apr 2022 22:31:49 GMT
b_logo.png
start.mybluelight.com/redesign/common/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://start.mybluelight.com/redesign/common/images/b_logo.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
1680cef5511941e32a03b76fd612b97220908c5c774f163d7908ca145c062b25

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:50 GMT
Last-Modified
Fri, 17 Mar 2017 05:23:18 GMT
Server
Apache
ETag
"4164-54ae6600dbd80"
Content-Type
image/png
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
16740
Expires
Fri, 01 Apr 2022 22:31:50 GMT
SearchEdit.jpg
start.mybluelight.com/redesign/common/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://start.mybluelight.com/redesign/common/images/SearchEdit.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
53e22408f0b5477c711dce11f452d5850c6f13b0d3cc46a916ac6da8453e84d8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:50 GMT
Last-Modified
Mon, 03 Jul 2017 05:34:43 GMT
Server
Apache
ETag
"18a2-553631fbe82c0"
Content-Type
image/jpeg
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
6306
Expires
Fri, 01 Apr 2022 22:31:50 GMT
hourlybtn-arrow.png
start.mybluelight.com/redesign/common/css/images/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://start.mybluelight.com/redesign/common/css/images/hourlybtn-arrow.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
02c26b6ef5d8f82cd0876a49ef25a6946bdb56d39db132c5e2913dc5a77a7f9c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:50 GMT
Last-Modified
Mon, 03 Jul 2017 05:34:43 GMT
Server
Apache
ETag
"136e1-553631fbe82c0"
Content-Type
image/png
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
79585
Expires
Fri, 01 Apr 2022 22:31:50 GMT
prev.png
start.mybluelight.com/redesign/common/css/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://start.mybluelight.com/redesign/common/css/images/prev.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
c9c58e2aea98de3196b45cfbed9c7b2e91b5384ed6d64f86d35be8c4ba73bccb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:50 GMT
Last-Modified
Mon, 03 Jul 2017 05:34:43 GMT
Server
Apache
ETag
"b65-553631fbe82c0"
Content-Type
image/png
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
2917
Expires
Fri, 01 Apr 2022 22:31:50 GMT
next.png
start.mybluelight.com/redesign/common/css/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://start.mybluelight.com/redesign/common/css/images/next.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
e4f5bcb7f8edef1979e6de5a327ed393f167230dba2f40c71b4f6a4e6507ea60

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:50 GMT
Last-Modified
Mon, 03 Jul 2017 05:34:43 GMT
Server
Apache
ETag
"b68-553631fbe82c0"
Content-Type
image/png
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
2920
Expires
Fri, 01 Apr 2022 22:31:50 GMT
sp-text-feeds.js
start.mybluelight.com/static/start/view/common/js/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/static/start/view/common/js/sp-text-feeds.js?v=17864
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
35d54aea0904a49c26427aa821f53f9d5c5297a5b9455ab526164f48f836d4d3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Feb 2021 05:20:03 GMT
Server
Apache
ETag
"2b5c-5bb957cde06c0"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1960
Expires
Fri, 01 Apr 2022 22:31:50 GMT
speed-detector.js
start.mybluelight.com/redesign/common/js/vendor/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/redesign/common/js/vendor/speed-detector.js?v=20930
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
d762c0ab92d46134c186e1a5c1c21ed4484836560ad255af4d3937c30dc983e7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Aug 2018 04:30:23 GMT
Server
Apache
ETag
"c90-572d0da3195c0"
Content-Type
application/x-javascript
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1325
Expires
Fri, 01 Apr 2022 22:31:50 GMT
pv
track.mybluelight.com/s/ 		43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.mybluelight.com/s/pv?s=999999&a=sp&p=startsp2017&d=null&i=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04&cf=EOW&srt=71583746&crt=0
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.45.33 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
track.dca.mybluelight.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:49 GMT
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked
P3P
policyref="http://www.mybluelight.com/common/w3c/bluelight.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control
no-cache,post-check=0,pre-check=0
X-User
Content-Type
image/gif
Expires
0
spWeather.do
start.mybluelight.com/start/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/start/spWeather.do?type=ipaddress&q=91.132.136.84&callback=json_weathercallback
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/redesign/common/js/jquery-1.12.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
/
Resource Hash
a0bbe5990274f939f4e90f0bd0da003e6485edd3e553c3120e085e89931f9f0f

Request headers

Sec-Fetch-Mode
cors
Origin
https://start.mybluelight.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
JSESSIONID=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; wsessionid=FB3526C3AB012E95D19E87BD77278C12|86400|1620426709; usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Content-Length
0
Pragma
no-cache
Host
start.mybluelight.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control
no-cache
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Sec-Fetch-Site
same-origin
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:50 GMT
Content-Encoding
gzip
Server
Vary
Accept-Encoding
Content-Language
en-US
P3P
policyref="http://start.mybluelight.com/common/w3c/bluelight.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control
no-cache no-store
Content-Type
application/json;charset=UTF-8
Content-Length
2154
Expires
Thu, 01 Jan 1970 00:00:00 GMT
feed
feed.untd.com/feed/ 		34 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feed.untd.com/feed/feed?action=multifeed&synd=fd_newser_rss_entertainment,fd_newser_rss_topnews,fd_newser_rss_us_world,fd_newser_rss_sports,fd_newser_rss_science,fd_newser_rss_crime&format=jsonp&callback=jsoncallback&_=1620340310049
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/redesign/common/js/jquery-1.12.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.17 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
feed.dca.untd.com
Software
Apache-Coyote/1.1 /
Resource Hash
65fb4af05f44d6853cd36e4c88ec6b4f449784a85205609e7543537f0bca361c

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
server
Apache-Coyote/1.1
p3p
policyref="http://my.untd.com/common/w3c/untd.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
content-length
35215
content-type
application/javascript
pv
track.mybluelight.com/s/ 		43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.mybluelight.com/s/pv?s=999999&a=sp&p=sp2017&d=null&i=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04&cf=EOW&srt=54000994&crt=1
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.45.33 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
track.dca.mybluelight.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:50 GMT
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked
P3P
policyref="http://www.mybluelight.com/common/w3c/bluelight.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control
no-cache,post-check=0,pre-check=0
X-User
Content-Type
image/gif
Expires
0
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
298
date
Thu, 06 May 2021 22:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 07 May 2021 00:26:52 GMT
hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1620340310257
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.53.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
webmail.vgs.netzero.net
Software
Apache /
Resource Hash
fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
last-modified
Fri, 25 Sep 2009 12:30:24 GMT
server
Apache
etag
"c27-474661cb5b800"
p3p
policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
cache-control
max-age=315360000
accept-ranges
bytes
content-type
image/gif
content-length
3111
expires
Sun, 04 May 2031 22:31:50 GMT
as-3.1.6.min.js
static.uolcontent.com/js_api/ 		116 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.uolcontent.com/js_api/as-3.1.6.min.js
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/redesign/common/js/jquery-1.12.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
c78c0b34dd7efde9294129cabaac1cf502f9d99a097e7706eb7120c48e42b677

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
last-modified
Mon, 19 Oct 2020 10:25:01 GMT
server
lighttpd
etag
"2744734455"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000
accept-ranges
bytes
content-length
36648
expires
Sun, 01 May 2022 22:31:50 GMT
xh0mrvts-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/y9Wqv0p8-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/xh0mrvts-720.jpg
33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/xh0mrvts-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
01a6bfadd0b3f21d224ec036d91b69e64fb17dd5f30c6e374986809e965509c9

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
676
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
content-length
33661
x-served-by
cache-bwi5147-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Thu, 06 May 2021 22:20:10 GMT
server
nginx
x-timer
S1620340310.472926,VS0,VE1
etag
"15a42b45a73a1623e2ff2daddd2fbafc"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
0, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/xh0mrvts-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
16FF3y4PlGyHWVStQmcTD80tPQ54ASDp7t3DVQlzYhX0iMD9hiqqTg==
play.png
start.mybluelight.com/redesign/common/css/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://start.mybluelight.com/redesign/common/css/images/play.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
551b935a77c004908939b75f18bad914aeb49d0d66eff7708c6dfce8586ba34e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:50 GMT
Last-Modified
Mon, 03 Jul 2017 05:34:43 GMT
Server
Apache
ETag
"4ad3-553631fbe82c0"
Content-Type
image/png
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
19155
Expires
Fri, 01 Apr 2022 22:31:50 GMT
kp5b9g5l-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/0MMuPfSR-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/kp5b9g5l-720.jpg
88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/kp5b9g5l-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b91f676bed98332eb3f886d320446ddc68d2872d9af542a1ffaec182cf90ef77

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
545
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
89914
x-served-by
cache-bwi5149-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Thu, 06 May 2021 13:14:45 GMT
server
nginx
x-timer
S1620340310.472915,VS0,VE1
etag
"e18acd893e256837885fa68cdef0a38d"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/kp5b9g5l-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
RglZZGA2H9SHvKYKweSx16Y21r1cJdhJ0B5AkinFXRInIT0xBB1XcA==
3mfpiae8-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/uyJvgset-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/3mfpiae8-720.jpg
87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/3mfpiae8-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d26038195ab27931c1d7b7ea8c9b2d893624a9d028e688116f0328f5d691ad89

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
289
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
89174
x-served-by
cache-bwi5127-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Thu, 06 May 2021 13:14:50 GMT
server
nginx
x-timer
S1620340310.472975,VS0,VE1
etag
"cb04b5c4ace3b15af0285937d76ca1f8"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/3mfpiae8-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
7L8o7O8K2cp70Ry5F8y00w9lx23V2F9D95_H5ybRzW-hLbUv0rxlmw==
pi9j559l-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/0524iFow-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/pi9j559l-720.jpg
63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/pi9j559l-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c23ebfdfbad6823ba4002465ad8d0dfbfbabb09e93f4084cd971896386660c74

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
546
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
64240
x-served-by
cache-bwi5135-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 13:08:12 GMT
server
nginx
x-timer
S1620340310.489452,VS0,VE89
etag
"e6af95f6899908512696349a5e18505f"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/pi9j559l-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
EccoehumPzPKYFxdqSbSpOHc_g17Tm6qBeUXsP5PCGRZfCdZOaCotA==
m0kv9so1-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/rkeKamX9-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/m0kv9so1-720.jpg
80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/m0kv9so1-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd34ec8ffdb9c1ff366bfff307840b945bf3df04ae324fc8a25af4c47bbae918

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
545
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
81361
x-served-by
cache-bwi5123-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 13:08:06 GMT
server
nginx
x-timer
S1620340310.489223,VS0,VE87
etag
"1d8789cf741e93cae92a013841b56275"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/m0kv9so1-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Rv9OqxgqWFkOAHPot83axfD3dLByMXOX_9bpSx0oXWlLNgcGZ-6vsA==
hab8iteu-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/85V3QvLD-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/hab8iteu-720.jpg
54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/hab8iteu-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0123e9bc7a53fbeca38312713282fe939bc22a8baeb449a3217ac2c37d85df62

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
723
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
54996
x-served-by
cache-bwi5147-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Thu, 06 May 2021 00:47:39 GMT
server
nginx
x-timer
S1620340310.488939,VS0,VE1
etag
"faeeccaabeba409e9de56cb4b8f6541d"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
2, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/hab8iteu-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
z4bKizSCAiDWAT4LQDIAejg9YIBKuFqioOSqvr-XIhtMNr9Fy5BYxQ==
4qkhcj4x-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/DleaSRcY-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/4qkhcj4x-720.jpg
87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/4qkhcj4x-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
712e522aa363e7e1e24d3b5637d39d93977c1a7536408f856fe52996a43e1ab5

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
362
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
89334
x-served-by
cache-bwi5150-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Thu, 06 May 2021 00:20:41 GMT
server
nginx
x-timer
S1620340310.489241,VS0,VE1
etag
"0135a4617b9ad25ea58dacee5341e1aa"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/4qkhcj4x-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Oe1M76KLfd4zckrxrwXVJ91x5efbJuuXZuQBbQju0D2Np1u75Rw_qw==
5ho3p2o5-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/O4E9gzXJ-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/5ho3p2o5-720.jpg
43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/5ho3p2o5-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8713322a5eaef2c29558258a138a0be0d24c0badeaba46f8cec8419b2e486440

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
670
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
43870
x-served-by
cache-bwi5139-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 20:20:45 GMT
server
nginx
x-timer
S1620340310.489252,VS0,VE1
etag
"de2e946238828729065e1c2ef85764ab"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/5ho3p2o5-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
w1kgvCtxEyXsK2Ro157_1wdrrMfoWSQVSJOQKdZ0IUghcn-c8BfpWQ==
7fx5tomo-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/eja7DevK-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/7fx5tomo-720.jpg
70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/7fx5tomo-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b796c9a64100ed8fa396c46f1aa202af78bada81dabb8f9a52a8e23d6a3aca3

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
650
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
72094
x-served-by
cache-bwi5129-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 20:21:02 GMT
server
nginx
x-timer
S1620340310.490232,VS0,VE1
etag
"d7392fa69b9216034b06191c54e50c03"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
2, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/7fx5tomo-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
dGoyGXrzezpiWHSDX67TZVX5Kg199d2115d2N7lNkt6sjBL-Yc_P9A==
opywfgga-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/EwwuVyid-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/opywfgga-720.jpg
54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/opywfgga-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
31cc8bec04e7785b9ec1b885fc80298d22913e91f6675e91caaf0b9bc66de507

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
651
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
54758
x-served-by
cache-bwi5151-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 15:32:06 GMT
server
nginx
x-timer
S1620340310.489352,VS0,VE1
etag
"e58e1f5a63518f73e2c76cc161defd9b"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/opywfgga-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
skBw56xucBzlVNsM4lXUMLcPXYy_UhNDPPvr_Zu9Uc1XNtjyKSYirQ==
b1licf0n-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/z9Ck7Fsc-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/b1licf0n-720.jpg
56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/b1licf0n-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6cb4884d70212e14ae7395c4181769f6f19ce89d10055b513f766a655bc5e1f2

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
329
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
56829
x-served-by
cache-bwi5138-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 13:21:54 GMT
server
nginx
x-timer
S1620340310.494606,VS0,VE1
etag
"8ae9b2f4abafbd6989dd67de4120bc5d"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/b1licf0n-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
-ML8q5-KE9HWdPTeuaGV_rUsAL-G9HDqI4CQRwKvXvoc0s5GER0ckg==
xm7lkxex-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/BDz6CqA6-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/xm7lkxex-720.jpg
97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/xm7lkxex-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fdac25284d6e12e8ad48ca8d9d2c8fc9b59682bc14c169bd702efb5b548e21f9

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
394
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
99285
x-served-by
cache-bwi5138-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 03:09:47 GMT
server
nginx
x-timer
S1620340310.489380,VS0,VE86
etag
"5759adba05804e1edc57c87806ce18f0"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
2, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/xm7lkxex-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
PDo2r8tPDHwM7MWNnWGVx8kpVPvW7-_hjbjlj2gBs1MO4GLo5ITDNg==
h6610izr-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/PVHEOdwP-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/h6610izr-720.jpg
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/h6610izr-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
58471a2ef554df8a455cd050e725a2e3b6507ebc81e5e64eda08692d21f7c457

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
580
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
content-length
22014
x-served-by
cache-bwi5148-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 00:37:19 GMT
server
nginx
x-timer
S1620340310.489345,VS0,VE1
etag
"70f20a0c8a8f923a7f59ec2b8d907d9d"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
0, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/h6610izr-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
pwiGeuODiCR_OEV8o5Cu6vzgaaCvKcyr0FI0j1hpktH_HYKctx4I2A==
uaqnaku0-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/FzATK1x4-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/uaqnaku0-720.jpg
54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/uaqnaku0-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
24542722400062f6587a69daec97eec648ccef60bae33f4de35a07ea6e0cb07d

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
318
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
55618
x-served-by
cache-bwi5130-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 00:32:36 GMT
server
nginx
x-timer
S1620340310.489582,VS0,VE1
etag
"fa6d60548ac20d8a57c084b42910a72d"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/uaqnaku0-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
qCJGesSrhmDYUmLNNSTofzNvFeDppVaRSAAKmK0DRPSFpudRGZB-xA==
i1w6qz5e-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/eMmybZNp-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/i1w6qz5e-720.jpg
67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/i1w6qz5e-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08e7af151e5e199c955ba59ab95b00bbbc34a2ff9a5b1ffc649cb05b5b43871b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
860
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
68492
x-served-by
cache-bwi5136-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 00:11:17 GMT
server
nginx
x-timer
S1620340310.489603,VS0,VE0
etag
"d417a363e96ba2fc064a70b98222b903"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 2

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/i1w6qz5e-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
uXn4hvl9nKKNPYYu9gNHmiWWTGAInFBJ_saMM40wGdB3WCnl6bMfiQ==
o8xed1hc-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/n1vVC5LQ-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/o8xed1hc-720.jpg
123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/o8xed1hc-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80cb8b77c2e22b243800225d70f207fef4900b9bb61a7847769d099bfe82a23c

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
749
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
125308
x-served-by
cache-bwi5132-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Tue, 04 May 2021 23:24:05 GMT
server
nginx
x-timer
S1620340310.489573,VS0,VE0
etag
"175bcab66996cb4d4e23560933339924"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3, 2

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/o8xed1hc-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
7NGqfLDUSQuE8BIHQfI431Vy0QIfENkaskI6h5jNumHq3rGg8jPLgQ==
gi8hmxp6-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/qwtwcHXd-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/gi8hmxp6-720.jpg
71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/gi8hmxp6-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ad3241e0660687718c6c548ba357ec4ecd8791d43bb3e11d4ffd18c94007a3a

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
505
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
72764
x-served-by
cache-bwi5140-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Tue, 04 May 2021 18:41:49 GMT
server
nginx
x-timer
S1620340310.490599,VS0,VE1
etag
"fbdc6649929613ede6a3c066b5112938"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/gi8hmxp6-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
bh3R44VVeP50Ji5msjOJwoFOft7CE0rZ1853bZWkkTLnLv5mjktk1A==
hkvtympq-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/TeV4C1Jh-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/hkvtympq-720.jpg
23 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/hkvtympq-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
459409c580090cce4725084cab76a0314405ad2ebac07868fb1581e69fcc8230

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
407
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
22287
x-served-by
cache-bwi5138-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Tue, 04 May 2021 17:32:37 GMT
server
nginx
x-timer
S1620340310.490253,VS0,VE1
etag
"9aacdaf97d57c920eaf35a1417ffec6d"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
2, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/hkvtympq-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
V_Uxw1JJVUnmLEQmpdpd6Xr9XnHGc99Eojxe1pWHu2zCE_H7YnAi6A==
jh9mccsq-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/z3ziscND-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/jh9mccsq-720.jpg
71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/jh9mccsq-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
35233737150ccafa09688c70fb8319ce78bf20c53524b536bd1d46c639c1a4e1

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
502
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
72150
x-served-by
cache-bwi5138-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Tue, 04 May 2021 18:40:09 GMT
server
nginx
x-timer
S1620340310.489438,VS0,VE0
etag
"b06c9af71fa2af991a065c5df75bdd68"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 2

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/jh9mccsq-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Iy28FBIhnCz7ZcR0NTCcm1R_Y8eLakPC3sjBUiPljXeQ3PvV85YxZg==
hyx8ic1p-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/thumbs/KJ8bG9Yt-720.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/hyx8ic1p-720.jpg
43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/hyx8ic1p-720.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62c51fbde161d009953daecb2e19983d2ac158ccfa64aad24bcab6ba1db46c4e

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
content-encoding
gzip
age
709
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
43769
x-served-by
cache-bwi5129-BWI, cache-hhn4073-HHN
access-control-allow-origin
*
last-modified
Tue, 04 May 2021 11:51:53 GMT
server
nginx
x-timer
S1620340310.490231,VS0,VE1
etag
"1ebfc753bcf4274d843bb81b6db3917b"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
2, 1

Redirect headers

date
Thu, 06 May 2021 22:31:50 GMT
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-C1
location
https://assets-jpcust.jwpsrv.com/thumbnails/hyx8ic1p-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Y5PKB1tZzQd01NI8bwq-vIp7ng7HCY5Mf_9wuCVn9fhTv4kBOAtlDw==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=104796195&t=pageview&_s=1&dl=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&dr=http%3A%2F%2Fwebmaila.mybluelight.com%2F&ul=en-us&de=windows-1252&dt=Bluelight%20-%20My%20Bluelight%20Personalized%20Start%20Page%20-%20Sign%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=125973139&gjid=1844499160&cid=1366745438.1620340310&tid=UA-7101665-7&_gid=1183485802.1620340310&_r=1&_slc=1&z=350209127
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://start.mybluelight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
fd_newser_rss_topnews.gif
content.uolstatic.com/feed/img/logo/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.uolstatic.com/feed/img/logo/fd_newser_rss_topnews.gif
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
cd43e2ff94fccb39f756a6a4e87eeec4a2be6f40ce297fb8e122ac87d72a0355

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
last-modified
Wed, 25 Jan 2017 06:19:02 GMT
server
lighttpd
etag
"2886228820"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1493
expires
Sat, 05 Jun 2021 22:31:50 GMT
fd_newser_rss_crime.gif
content.uolstatic.com/feed/img/logo/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.uolstatic.com/feed/img/logo/fd_newser_rss_crime.gif
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
cd43e2ff94fccb39f756a6a4e87eeec4a2be6f40ce297fb8e122ac87d72a0355

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
last-modified
Fri, 22 Nov 2019 05:13:23 GMT
server
lighttpd
etag
"3971892909"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1493
expires
Sat, 05 Jun 2021 22:31:50 GMT
fd_newser_rss_us_world.gif
content.uolstatic.com/feed/img/logo/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.uolstatic.com/feed/img/logo/fd_newser_rss_us_world.gif
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
cd43e2ff94fccb39f756a6a4e87eeec4a2be6f40ce297fb8e122ac87d72a0355

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
last-modified
Wed, 25 Jan 2017 06:19:18 GMT
server
lighttpd
etag
"2886228862"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1493
expires
Sat, 05 Jun 2021 22:31:50 GMT
fd_newser_rss_entertainment.gif
content.uolstatic.com/feed/img/logo/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.uolstatic.com/feed/img/logo/fd_newser_rss_entertainment.gif
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
cd43e2ff94fccb39f756a6a4e87eeec4a2be6f40ce297fb8e122ac87d72a0355

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
last-modified
Wed, 25 Jan 2017 06:18:30 GMT
server
lighttpd
etag
"2886228982"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1493
expires
Sat, 05 Jun 2021 22:31:50 GMT
fd_newser_rss_sports.gif
content.uolstatic.com/feed/img/logo/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.uolstatic.com/feed/img/logo/fd_newser_rss_sports.gif
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
cd43e2ff94fccb39f756a6a4e87eeec4a2be6f40ce297fb8e122ac87d72a0355

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
last-modified
Mon, 24 Dec 2018 11:26:02 GMT
server
lighttpd
etag
"2793063028"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1493
expires
Sat, 05 Jun 2021 22:31:50 GMT
fd_newser_rss_science.gif
content.uolstatic.com/feed/img/logo/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.uolstatic.com/feed/img/logo/fd_newser_rss_science.gif
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
cd43e2ff94fccb39f756a6a4e87eeec4a2be6f40ce297fb8e122ac87d72a0355

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
last-modified
Wed, 25 Jan 2017 06:18:47 GMT
server
lighttpd
etag
"2886228881"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1493
expires
Sat, 05 Jun 2021 22:31:50 GMT
12.png
start.mybluelight.com/redesign/common/images/accuweatherIcons/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://start.mybluelight.com/redesign/common/images/accuweatherIcons/12.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
0bd525a199ef705111c4f54be61caa037e880afeae01776567d87b0bda08d0dc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0; _ga=GA1.2.1366745438.1620340310; _gid=GA1.2.1183485802.1620340310; _gat=1
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:50 GMT
Last-Modified
Mon, 03 Jul 2017 05:34:42 GMT
Server
Apache
ETag
"2482-553631faf4080"
Content-Type
image/png
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
9346
Expires
Fri, 01 Apr 2022 22:31:50 GMT
AccuWeather_Logo.png
start.mybluelight.com/redesign/common/images/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://start.mybluelight.com/redesign/common/images/AccuWeather_Logo.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
30232afad469007331a231fc6c57b5af5ab3021cb3c2099310dd1e3c98c3eaa6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0; _ga=GA1.2.1366745438.1620340310; _gid=GA1.2.1183485802.1620340310; _gat=1
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:50 GMT
Last-Modified
Fri, 17 Mar 2017 05:23:18 GMT
Server
Apache
ETag
"16eb9-54ae6600dbd80"
Content-Type
image/png
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
93881
Expires
Fri, 01 Apr 2022 22:31:50 GMT
18.png
start.mybluelight.com/redesign/common/images/accuweatherIcons/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://start.mybluelight.com/redesign/common/images/accuweatherIcons/18.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
Apache /
Resource Hash
873836fba496d5a674f96960ae28c14f052d5bd15919b93c00d3cb0643033e7a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
start.mybluelight.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Cookie
usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0; _ga=GA1.2.1366745438.1620340310; _gid=GA1.2.1183485802.1620340310; _gat=1
Connection
keep-alive
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:50 GMT
Last-Modified
Mon, 03 Jul 2017 05:34:43 GMT
Server
Apache
ETag
"26b2-553631fbe82c0"
Content-Type
image/png
Cache-Control
max-age=28512000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
9906
Expires
Fri, 01 Apr 2022 22:31:50 GMT
hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1620340310883
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.53.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
webmail.vgs.netzero.net
Software
Apache /
Resource Hash
fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:50 GMT
last-modified
Fri, 25 Sep 2009 12:30:24 GMT
server
Apache
etag
"c27-474661cb5b800"
p3p
policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
cache-control
max-age=315360000
accept-ranges
bytes
content-type
image/gif
content-length
3111
expires
Sun, 04 May 2031 22:31:50 GMT
hdr_lg_new_accl_n.gif
webmail.netzero.net/images/headers/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail.netzero.net/images/headers/hdr_lg_new_accl_n.gif?ts=1620340311061
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.53.83 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
webmail.vgs.netzero.net
Software
Apache /
Resource Hash
fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:51 GMT
last-modified
Fri, 25 Sep 2009 12:30:24 GMT
server
Apache
etag
"c27-474661cb5b800"
p3p
policyref="http://my.netzero.net/common/w3c/netzero.xml",CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
cache-control
max-age=315360000
accept-ranges
bytes
content-type
image/gif
content-length
3111
expires
Sun, 04 May 2031 22:31:51 GMT
aconfig
static.uolcontent.com/cgi/ 		25 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.uolcontent.com/cgi/aconfig?site=uolstart&apiVersion=3.1.6&brand=BL&format=json
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
b583ac1a3d3916bbb7be40021cac162fe65f3ad9dddc93317a4e0d0000ef0b2d

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:51 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 05:08:29 GMT
server
lighttpd
etag
"3173577456"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
7367
spacer.gif
static.uolcontent.com/images/ 		43 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AI%3AsessLog%3Auh%3D%26site%3Duolstart%26dnt%3D0%26dapp%3D0%26dnw%3D4g%26deval%3D0&command=ADLOG&count=1620340311126
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:51 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Sat, 05 Jun 2021 22:31:51 GMT
oasrdb
track.untd.com/s/ 		43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.untd.com/s/oasrdb?pid=SDS&profile=1&ts=1620340311250
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.30 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
track.vgs.untd.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:52 GMT
Server
Apache-Coyote/1.1
P3P
policyref="http://my.untd.com/common/w3c/untd.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control
no-cache,post-check=0,pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
0
ast.js
acdn.adnxs.com/ast/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
30654defc778040ccd8fae70f843909f7949b50f367edf1feab456f7d5e52b77

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:52 GMT
Content-Encoding
gzip
Age
20373
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
31011
X-Served-By
cache-lga21963-LGA, cache-fra19154-FRA
Access-Control-Allow-Origin
*
Last-Modified
Mon, 03 May 2021 16:50:57 GMT
Server
nginx/1.13.10
X-Timer
S1620340312.383712,VS0,VE0
ETag
W/"609029f1-15d37"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Tue, 04 May 2021 16:52:15 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 20570
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
a30a4a350b665415cb951d678d4d3d24afbe2dce719abf4e7b97128ba03cfdb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"864 / 620 of 1000 / last-modified: 1620339182"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21221
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:52 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 04:56:33 GMT
content-encoding
gzip
server
Server
age
63318
etag
8975e8311e479cf7d71d71133ee2dff8
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id
YpnlCjDVet-qbrNEEKuql4Mj3_LWRnSDRa35ZKpcDCj9QedrA-Gcmw==
publishertag.js
static.criteo.net/js/ld/ 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:29 GMT
server
nginx
etag
W/"605322dd-1c9d1"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 07 May 2021 22:31:52 GMT
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13392629&uid=united_online
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 20:06:40 GMT
Server
nginx
ETag
W/"5e8cdd50-17e9"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Cache-Control
max-age=604800, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap7ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Credentials
true
Expires
Thu, 13 May 2021 22:31:52 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96943b0174746d718b6f8167590083&pos=startpage_top_728x90&cmd=bid&us_privacy=1YNN&
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
0a5a9579fb139ab98ecdafe7258605745508de23ce307ff22b0151e82eb37c6e

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:52 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96943b0174746d718b6f8167590083&pos=startpage_low_728x90&cmd=bid&us_privacy=1YNN&
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
744dd8e2599d64ffca3f986dc0eec9b06a30d937b7eb36aaa2ab42aca5feb383

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:52 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96943b0174746d718b6f8167590083&pos=startpage_atf_300x250_1&cmd=bid&us_privacy=1YNN&
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
14444e67faad8282ef044b591f9341b5275450dcf94ad3cbaa12e14303a8ac05

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:52 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96943b0174746d718b6f8167590083&pos=startpage_medium_atf_300x250&cmd=bid&us_privacy=1YNN&
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
1b2c34342ddaf03ab00f9251888556ff0b026d22094cdb0c40527f2c47ee746b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:52 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96943b0174746d718b6f8167590083&pos=startpage_160x600&cmd=bid&us_privacy=1YNN&
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
c1fc732fb5f1253f540711777e5fb90703a1a6ea1520ec27eedab51361744e38

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:52 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
envelope
api.rlcdn.com/api/identity/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1330&
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://start.mybluelight.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
cygnus
htlb.casalemedia.com/ 		19 B
683 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?ac=j&sd=1&v=7.2&s=190480&r=%7B%22id%22%3A%22529430049%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW%22%2C%22ref%22%3A%22http%3A%2F%2Fwebmaila.mybluelight.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNN%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22417566117%22%2C%22ext%22%3A%7B%22siteID%22%3A190480%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22503707221%22%2C%22ext%22%3A%7B%22siteID%22%3A190477%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22500932385%22%2C%22ext%22%3A%7B%22siteID%22%3A190476%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22092017899%22%2C%22ext%22%3A%7B%22siteID%22%3A190478%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22786731644%22%2C%22ext%22%3A%7B%22siteID%22%3A192192%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f849286e80a1fc9cee783eb24520b0d27e7086cf3a96d5071f249e49e4da015b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.84], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://start.mybluelight.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
39
x-ak-client-geo
12
expires
Thu, 06 May 2021 22:31:52 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		5 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20470&site_id=249838&p_screen_res=1600x1200&tk_flint=uol-ad.js-3.1.6&rp_secure=1&rp_floor=0.01&rf=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&zone_id=1240574%3B1240558%3B1240550%3B1240564%3B1240578&size_id=2%3B2%3B15%3B15%3B9&alt_size_ids=%3B%3B%3B%3B8&p_pos=atf%3Batf%3Batf%3Batf%3Batf&x_source.tid=616340549%3B596629595%3B719866959%3B035960812%3B483580922&rand=992525762&slots=5&us_privacy=1YNN
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
cf8bea8a81da7dade0056dae24e1ba506930812f1248364c445be02f8f43483c

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:52 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://start.mybluelight.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1905
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://start.mybluelight.com
date
Thu, 06 May 2021 22:31:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
uol-d.openx.net/w/1.0/ 		189 B
579 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uol-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&jr=http%3A%2F%2Fwebmaila.mybluelight.com%2F&ch=windows-1252&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&nocache=1620340312271&ns=0&lre=&pubcid=6855148b-95e4-493f-9c84-bd1152347927&aus=728x90%7C728x90%7C300x250%7C300x250%7C160x600%2C120x600&dddid=936456768%2C979172823%2C650455567%2C391561176%2C425108037&auid=540737102%2C540737103%2C540737100%2C540737101%2C540737099&us_privacy=1YNN
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
5efe0ae4bed58db3f3d879e1ee19e2cefbd95795fc1b8d6fa4cdfd19382b275b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://start.mybluelight.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
178
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
jpt
secure.adnxs.com/ 		0
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?&id=10431377&size=728x90&us_privacy=1YNN&referrer=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&_=1620340312273&callback=asJSONPCB_1620340311122
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:52 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.151:80
AN-X-Request-Uuid
969d8e6b-0c2c-4c0e-be55-5a22107261c4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
666 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?&id=10431373&size=728x90&us_privacy=1YNN&referrer=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&_=1620340312273&callback=asJSONPCB_1620340311123
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:52 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.44:80
AN-X-Request-Uuid
5d8a1680-98e7-4bc2-9c05-d84774971f77
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?&id=10431369&size=300x250&us_privacy=1YNN&referrer=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&_=1620340312273&callback=asJSONPCB_1620340311124
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:52 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.236:80
AN-X-Request-Uuid
ba2a67fd-ffd3-4d5a-bd6a-4194aef76fb3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		0
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?&id=10431375&size=300x250&us_privacy=1YNN&referrer=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&_=1620340312273&callback=asJSONPCB_1620340311125
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:52 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid
7eba68e6-f339-4b56-88a6-37ac5b40ae47
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		56 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?&id=12407938&size=728x90&us_privacy=1YNN&referrer=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&_=1620340312274&callback=asJSONPCB_1620340311126
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
95557e4b4b2aa0101cbf163cf32b97fd663b0b10db5e52f66a50d653725d4be1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:52 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.185:80
AN-X-Request-Uuid
7a379f1a-c702-40ea-bf2a-28b49edea794
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
56
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		56 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?&id=12407939&size=728x90&us_privacy=1YNN&referrer=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&_=1620340312274&callback=asJSONPCB_1620340311127
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a8ef3ac7657f304a7f6ecd13213289a1014a2e6421224c9c20d98b3f2867f47c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:52 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.74:80
AN-X-Request-Uuid
27895b87-2fa0-436c-8450-c7f88de25571
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
56
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		56 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?&id=12407937&size=300x250&us_privacy=1YNN&referrer=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&_=1620340312274&callback=asJSONPCB_1620340311128
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7729a1e838d2bd0839f9d367d81d24116b8b99e1bef09c094afddf445f01f34d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:52 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.52:80
AN-X-Request-Uuid
28917e0a-bca7-40e1-bae1-93dd3f07f943
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
56
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
jpt
secure.adnxs.com/ 		56 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/jpt?&id=12407953&size=300x250&us_privacy=1YNN&referrer=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&_=1620340312274&callback=asJSONPCB_1620340311129
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4848007d24b12b03e2fb92095133138ad19fc228f786e27258b39e0e6f3f7cee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:52 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.236:80
AN-X-Request-Uuid
4684901c-1cb0-4994-93bf-874a1d13c770
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
56
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		180 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
c2e6d9bb16c312f695a12201f9002cf231ffa3f49445cb0bb629bfbcef5695e4

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:52 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://start.mybluelight.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
180
expires
0
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		180 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
dadb0fbe548c7f93abe6c3b34ea76492273060c55e5f0799f7a98d0a2d40469b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:52 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://start.mybluelight.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
180
expires
0
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		180 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
b3587f3fd7ba020037a928372ed6080f0f36fd5aab5300811e5eca31d5a74d81

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:52 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://start.mybluelight.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
180
expires
0
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		180 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
12e71bc2c0146f162f4576466a6afe965f56e6226ae2cacd0e9e5195d0cdf4f4

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:52 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://start.mybluelight.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
180
expires
0
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		180 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24?
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
68ceee2bd53966ab642387037a12e55ac2315bf1dd353005b33c54f5ef0a4256

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:52 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://start.mybluelight.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
180
expires
0
bid
ap.lijit.com/rtb/ 		43 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?&br=%7B%22id%22%3A%22368546408%22%2C%22site%22%3A%7B%22domain%22%3A%22start.mybluelight.com%22%2C%22page%22%3A%22%2Fstart%2Fsp.do%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22665199045%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22409809%22%7D%2C%7B%22id%22%3A%22364798267%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22409811%22%7D%2C%7B%22id%22%3A%22585955069%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22453832%22%7D%2C%7B%22id%22%3A%22787466288%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%22tagid%22%3A%22409810%22%7D%2C%7B%22id%22%3A%22364281178%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%7D%2C%22tagid%22%3A%22443264%22%7D%5D%7D&us_privacy=1YNN&_=1620340312279&callback=asJSONPCB_1620340311130
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
e790f51c3078bfd9d2a92640d3e884b00206e6aa932f12ffed16f01eeb0bcb54

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:52 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
63
pubads_impl_2021042801.js
securepubads.g.doubleclick.net/gpt/ 		300 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 08:37:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108145
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:52 GMT
cdb
bidder.criteo.com/ 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=106&profileId=184&cb=14544821165
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://start.mybluelight.com
date
Thu, 06 May 2021 22:31:52 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
dajplu-GfMoTxqk2sK9Ix-YYW7DBLOkQ2Sy4pfe8d24ILabW9N5RhA==
bid
c.amazon-adsystem.com/e/dtb/ 		145 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3406&u=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&pr=http%3A%2F%2Fwebmaila.mybluelight.com%2F&pid=kkurt097NYYQA&cb=0&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2210022%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2210015%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2210007%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2210020%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%2210009%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNN%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7afda841e3abde56b0cfda49f53150ce15d814cb8bf949d3a2fd170c45efe48e

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
AMS1-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://start.mybluelight.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
146
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
x-amz-cf-id
L3pg_4sT5CQLGdRU7tnCob6MFR2l-Zd79YQl_85K8cneZX7WwlXzXg==
integrator.js
adservice.google.ch/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=start.mybluelight.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=start.mybluelight.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3830630729570559&correlator=2296549680476338&output=ldjh&impl=fifs&eid=31060899&vrg=2021042801&ptt=17&us_privacy=1YNN&sc=1&sfv=1-0-38&ecs=20210506&iu_parts=21228205%2CSCC3_CTR_ISP_ATF%2CSCC2_CTR_ISP_ATF%2CSCC1_CTR_ISP_ATF%2CRtChan-RT-ISP-BTF%2CVID_CTR_ISP_ATF%2CRMA1_ICTR_SP_ATF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=525x220%2C525x220%2C525x220%2C300x600%7C300x250%2C525x325%2C1x1&prev_scp=UOL_POS%3DCustomCentIn_4%26uolpagename%3Ddesk%252Fhome%26uoldialup%3Dfalse%26uolbrand%3DBL%26uolrotate%3Dfalse%7CUOL_POS%3DCustomCentIn_2%26uolpagename%3Ddesk%252Fhome%26uoldialup%3Dfalse%26uolbrand%3DBL%26uolrotate%3Dfalse%7CUOL_POS%3DCustomCentIn_1%26uolpagename%3Ddesk%252Fhome%26uoldialup%3Dfalse%26uolbrand%3DBL%26uolrotate%3Dfalse%7CUOL_POS%3DCustomRtChan%26uolpagename%3Ddesk%252Fhome%26uoldialup%3Dfalse%26uolbrand%3DBL%26uolrotate%3Dfalse%7CUOL_POS%3DCustomCenterA%26uolpagename%3Ddesk%252Fhome%26uoldialup%3Dfalse%26uolbrand%3DBL%26uolrotate%3Dfalse%7CUOL_POS%3DRMA1%26uolpagename%3Ddesk%252Fhome%26uoldialup%3Dfalse%26uolbrand%3DBL%26uolrotate%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1620340312&dt=1620340312528&dlt=1620340309298&idt=3169&frm=20&biw=1600&bih=1200&oid=3&adxs=468%2C468%2C468%2C1010%2C468%2C1309&adys=2382%2C1747%2C1112%2C1382%2C555%2C1163&adks=779180892%2C2981802734%2C3369658261%2C1762261500%2C607342741%2C3467785237&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&ref=http%3A%2F%2Fwebmaila.mybluelight.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=525x259%7C525x259%7C525x259%7C300x630%7C525x325%7C1020x-1&msz=525x220%7C525x220%7C525x220%7C300x600%7C525x325%7C1x-1&ga_vid=1366745438.1620340310&ga_sid=1620340313&ga_hid=104796195&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=1%7C2%7C0%7C3%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
f2e3d7f89251325b4d8918d46a2d569fd3340df1ce6d453c43459d6e54818bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10869
x-xss-protection
0
google-lineitem-id
5436611468,5436611468,5436611468,5261159429,5482922534,5401007683
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138318758131,138318758128,138318368193,138299752834,138323925048,138314675402
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://start.mybluelight.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
blankPhnx.html
start.mybluelight.com/start/view/redesign/common/phoenix/ Frame F2F9 		1 KB
893 B 		Document
General
Check archive.org
Download Go to
Full URL
https://start.mybluelight.com/start/view/redesign/common/phoenix/blankPhnx.html?v=34955
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.53.44 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
start.vgs.mybluelight.com
Software
/
Resource Hash
e9c692bd0c30a7bbc17154b2be4e32f407c11db5098a9a4a02ff148dc4754eed

Request headers

Host
start.mybluelight.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; wsessionid=FB3526C3AB012E95D19E87BD77278C12|86400|1620426709; usprivacy=1YNN; cf=EOW; switch2=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_a_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_a_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_a_0.wlsDSF_a_1.mp1_a_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_a_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_a_0; tid=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04; switch=rhino_b_1.spsplitwww_b_0.googleAdTest_b_1.scottradeLogo_c_0.dslna_satellite_3.bpTest_b_2.dmecl_b_6.nznetshop_a_11.sp_a_4.dmecr_a_0.spRedesign_b_29.nzspanish_a_1.sp160_b_1.n_b_8.mp2_b_0.wlsDSF_a_1.mp1_b_0.phoenixServe_b_2.p_a_1.popupwww_a_0.q_a_0.cyber_a_0.s_a_3.sp2_a_4.nzdsl_b_0.googleSearch_a_1.w_a_8.y_d_20.yapi_a_5.wwwNewLanding_a_1.gateway_b_0; _ga=GA1.2.1366745438.1620340310; _gid=GA1.2.1183485802.1620340310; _gat=1; CT=1; _pubcid=6855148b-95e4-493f-9c84-bd1152347927
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/start/sp.do?cf=EOW

Response headers

Date
Thu, 06 May 2021 22:31:52 GMT
Server
Accept-Ranges
bytes
ETag
W/"1045-1494907690000"
Last-Modified
Tue, 16 May 2017 04:08:10 GMT
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
610
X-Pad
avoid browser bug
events
bidder.criteo.com/csm/ 		0
151 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://start.mybluelight.com
date
Thu, 06 May 2021 22:31:52 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 01 May 2022 22:31:52 GMT
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 01 May 2022 22:31:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6690 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTcbuO4sFQ-v4c8l4MFH4M9A_DXumnui_OhoRVAlv7FgWSfn0OJlHhR3QAwtDHijqqS0-FisR2zlwFLM7axrCvUpD0G0JxYZsmeeMK-x2QxygFKll61xHcG2c76qzFIXhuH5q_LCcNug-llWFKTd1T2ojBXY2KKKVe_RTtXFSiVoc49-MxYiSfJbEKMJNed7byu2dgCzjrKAEPImwtYfXgy301Q4KBmqRS77cA3yBKuOYsbBo-v1MpbsVbm4nXseipJA1yW20OwrrSHo3oQFsxGKtjdUes6CDTwlySDYqjVTASgse9FJUbNAuL4g&sai=AMfl-YR88lvaVX3ZRHAxjdfuyYrmaoWYqslx028vasskRbLZhRJX4zxVv5ahCzUcUmZAKJpIFqP7D_rbfB1hRyVfZqionXn5gUMT2Gtw4rqFkAOrLPAQOqA7ZBoemoxptdt5&sig=Cg0ArKJSzLqUViINThyOEAE&urlfix=1&adurl=
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:52 GMT
outbrain.js
widgets.outbrain.com/ Frame 6690 		172 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c134a62536fcfbd3017774119bbcbd5365432911d8763e43e9583cef68768d05

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 06:21:32 GMT
etag
W/"2b1c0-QdXiAA5wbuvZHAIxQI2DOchSsXw"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
e262af1e3d3bf690c0f33747424be394
timing-allow-origin
*, *
content-length
58559
expires
Fri, 07 May 2021 02:31:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6690 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214045155586"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36073
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A8E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLSoczt9XyGXlSmhVoonItFWzg6tHSXgA5znLC8FeN4fyFzLOgBAcdhAxYkN2jSn-qkRXC0HsUCRSFcC1hflWDDm3Z38SdOyXCj12iJ4trV-Imi2kHgKNofvPbWD9T6SvnIugVnt56z6QaP42WQR_oB8fANuGolOR8WwMwVwQ58-5rxzEyzlR2XCyeZ3bpXGusNxCpOWH6GX3Z7KUqxwJkJ9jKOs23vWEO3DjoB2GMLxm8LlWyAezkB3ucw_SyO5wPCl7B9gH0FzyVVRrNQ6I0TmNsW88Q8PNR1ovM7gfez7Vb-9zlY_AnoXPukA&sai=AMfl-YTPBXLyWmx7DOwzgyd2kjYwbTzno7lQuVq-j-ZEa7XAMkhPJqwVFn0FuJe-6VpPyPA10rMpdEfrgJ8KXm8eu8Xx1yZoOp-ulnt4RZcHVdz8tVe3y2_FBpJOjYBZvAyx&sig=Cg0ArKJSzIsJ9R_AdysZEAE&urlfix=1&adurl=
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:52 GMT
outbrain.js
widgets.outbrain.com/ Frame A8E4 		172 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c134a62536fcfbd3017774119bbcbd5365432911d8763e43e9583cef68768d05

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 06:21:32 GMT
etag
W/"2b1c0-QdXiAA5wbuvZHAIxQI2DOchSsXw"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
e262af1e3d3bf690c0f33747424be394
timing-allow-origin
*, *
content-length
58559
expires
Fri, 07 May 2021 02:31:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A8E4 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214045155586"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36073
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3F06 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJL8xPYCYowJB6cGVzgTUAbhkDfIMxZRZ1FfbNNA_UE3NurCIiNr-ljUrm4-8zIiUy1jCOKihfpy1-JiCpRiyGMNNAenaWNENG4P8sqGI6NA2tfT8jORwFt6JldEemt_i_L3tweIdvpZXnRIuMIjQPp-6wdVMLRLCxhMPEk4afRMU7kq6OJQh8MJJ4q52FBtFy30ygBqskqq-RADP0ukhStfnzncWsPEJc_5MxXfOF5vt2ZpNIQLCuOpC4jWp1vKOmvE2LfW4F0JAEk1ZyIej3EtJ3u7_E-jClNpR1v-9aExgU9NQxHkWIgZ334A&sai=AMfl-YR3hBzVAGaVR4DnLzX1ysCrk7-3jAA2sGcHvn3eN59qtN9_fyEHWNSJDiT6wlRaO3M2EYwCV8rIbzT4JXVRTpsrRpgJU1l0_RJn-r2SJW8z7awxBu1onH-Jb0dTWEja&sig=Cg0ArKJSzDebWabj5z8wEAE&urlfix=1&adurl=
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:52 GMT
outbrain.js
widgets.outbrain.com/ Frame 3F06 		172 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5071917eca43e25495e51915afc517a05ef1a07bf1d62be4fee5ba91449c5599

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 06:21:32 GMT
etag
W/"2b1c0-PhlUNjrBd2NacpjrFB57Wn3ydCA"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
b4faf9195cae8216bc4f8b2bc46083a2
timing-allow-origin
*, *
content-length
58559
expires
Fri, 07 May 2021 02:31:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F06 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214045155586"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36073
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F315 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSnXgpcDHNplsGb4tlb5CpUcL6QT9oIdILvib8ZsK7a4JVHVkTwsWJ5TbjGYtkD8AtrUSBPjo5NVdZwvaVtDd7-UtvbgebdyPvFEJX21rY4sVsF3wgta5PEy0QxIi0WTr7COZFSt4Vck2JUz_cyfkdti_p6-sbCjcJke8j_50RbturtI_DT-e5tOAKZ37MoObtr37FZrwiSLdgHKBQFISo9e4gyb6fYJ38HaQxa-k9wjESePU4I9RleiHHPLq8NQMyMTXS9321EbKBO0sw4ADRA5Z0Bg3yJEfZaSKJZ_GRcKPWD7Ivi8WcSwQg&sai=AMfl-YQr3W7qKzNLDDRuuG6H3jLc46u-ux52h6RMONNwYemtmFQyL0o5jYwdX0cmoDrIPG_Ye3PaNABJAoSSl29pRqz6N0wxX69EjAXZjNjuHZwV065mCn6PtSgG0mgspJwo&sig=Cg0ArKJSzKZgHACvyZWPEAE&urlfix=1&adurl=
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:52 GMT
unit.js
yummy.consumable.com/9125/cnsmbl-audio-300x250-slider/widget/ Frame F315 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yummy.consumable.com/9125/cnsmbl-audio-300x250-slider/widget/unit.js?cb=1620340312686
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2779960fddcd6bae4547affd9d4eac6d557ae7e2e3a756afb8b46f21a6a00133

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
last-modified
Thu, 31 Oct 2019 02:10:59 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
W/"759b500619442012ad95c1aee64d4da0"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
x-amz-cf-id
69Z7Z2BkxuEUXIqP9g9hVhKNCc1L9Cp6IrLih1tDEEzHNsnlZ7p_EQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F315 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214045155586"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36073
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AC03 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKRWbT6itrs63xHTNIVBCqqD_uwRat4XWfEGZpyU89--QLepjAlGHdXRb9qA0Ed6TvMx-ph3bAWF3M3mxPiai7s-B2VOvQNSU7Yw71VbzKw9bA-4P-ymwG_O08A4rNFk82C0cwyeeoL--FOEUH6G5vYTppF1Nsl7kiIQA24deh_3OgRhGCdoJGipY1mkrtM-DeoQtxNIdQrHsU3gybF-S7co038tb17p1elFXKr21p7_5zcUA_1st0fJgkHMQjNZIEJVf5SWOj6dvd3-rLk-2RtZ1tfEFAZNgqVf4Y-WBsTA5B8Qy27h4J_g&sai=AMfl-YQv6H1IkgDieRVwBjst3nM_WONrsl-qIkdHC_14dtLvG_VoHH8a1B8nrSqgo0fWGhAiW63mKrfM4cS9ZPTuOPoa1a4qfBCx3I_HN3umf7iXqra9H5cqlutkqU7kIL-F&sig=Cg0ArKJSzKbUZb6_WixiEAE&urlfix=1&adurl=
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:52 GMT
connatix.player.dc.js
cds.connatix.com/p/116015/ Frame D9A3
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/116015/connatix.player.dc.js
1016 KB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/116015/connatix.player.dc.js
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2c32e5f25f6c2c7f79bf963ede635d2d1d420d58f23413c68a419e3de9db05d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 08:40:54 GMT
age
48313
etag
"64821b0aa7d291840f63698092c9f7fd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=31557600
accept-ranges
bytes
content-length
226126

Redirect headers

location
https://cds.connatix.com/p/116015/connatix.player.dc.js
date
Thu, 06 May 2021 22:31:52 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC03 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214045155586"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36073
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4BD5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUzpGVE5orornFs91JDhBr248ay2iaTmp5EARccko1apVauX8mf83PgBxNRSmNrNgtJMS9iPhhJuICk1avliN3OpQuX2TL3MjXFENh0Lp9fMT5hjbpDrsuqtGnlmRxYrB6s5QulZhyILc4MMnWdS-BpOPwjoFxjIjeHk48omCR03j44i_4z-dWCFrEwe7SZ6dKJNvSq_qb1qjswP38i0tJfGVV7BYe6px0HociHc6aZ4C6b5Z7fA126fLyf9Nue2vclwCGNVXQb_CGSClZgIJjHq-rgOwdRCEYfldkFQfizN6CBhjAPmY7gWU&sai=AMfl-YQ5hLv6qA2ocfiPlxlgJL2EnrCWIz4QoXNVwVoZ2Vr3BsZtBoos8bfQX9FUghwXhWshvtOSqEbnmlJQAvBZwHePzW3xKf134piHWkRv-4UrPhwQlcfhV5KjibYRWIFO&sig=Cg0ArKJSzCi2RpjuLfJOEAE&urlfix=1&adurl=
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:52 GMT
rciv.js
cdn.tynt.com/ Frame 4BD5 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/rciv.js
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 18:27:45 GMT
server
cloudflare
age
63477
etag
W/"5f401221-3dbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
64b5a94acbf10200-ZRH
cf-request-id
09e56822bb000002000d9c6000000001
expires
Sun, 09 May 2021 22:31:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4BD5 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214045155586"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36073
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:52 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30b250c89aa882cdf15a274e8e754f9b1f8106191180cfa81cd3c0d005f4cca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214051398855"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:52 GMT
truncated
/ Frame 6690 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d17e9013bae788509b25803c0e1d09c13bcd6ee62fbed2c76a1de08ec0c0c3

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A8E4 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e3ea8af93fabac9410d8ef45f25162c360e4f3be26b7cc304dc4000ce3cd733

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3F06 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f7af8a28d0e50d683729a8060c5bc5bfe416b589a68d34c19f19ff31a98b261

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F315 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76f2dfb68489d6baf38601ad7f69d22374b530370bff89ed6ad60faa2890f5b5

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AC03 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f479d5fcbf0dfe9d2c861288bae3467b3063bde2a767ba2da6ef4de0c14b76c

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame AC03 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNawSiCpvk8TjM1ZwuGGCGfU_OkhTJxflIhAbrxOhK78ePS7dXj7D-6olTBnlQW7ytiDrzPg929RBpe_CLXF5k3e8YJ5kL8mXxfnMc4-xinrop1UX34x5n_eQGY4dPJBMZhJike_PNqiSxQ7bohlt0iKNsnAD9QSKg_0hl6p3bsH_NExK5mkF-bt0k59LVIxGWmcVQ2puPaQrfr8UqBSZ8Mbs1btr2xvh6tjCL5BYNsOvoQjHtYrkVTw_9YNT3wBcf1ghHPzC0v_DNreCqyRcX8wLW6rqUN1FERxBkD1WKBrMDnmGlInUdzD4m&sai=AMfl-YQOVSJMY7O631JMr3U_JSguaN6SdELLDImltyS9ouZ1593NEDWeQ6CnJWxpL1HzF-lUj5_8IU_7pPGOtsOQslnEDWRDZamnA9YTlwngxjtF6DqHB4C0zSW4HhQIQ5Co&sig=Cg0ArKJSzD2AyrX9E_WIEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:52 GMT
truncated
/ Frame 4BD5 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d46049fef836e911d6bc24de9faefb4aaf51904ff500a988926a3af531ad4634

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 179C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
267 B
951 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b1612dc8c7b4a366340bfbd1f7dc21759ba0ed8b9912add21238468ce19665b1

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://start.mybluelight.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2I5133pQUQEjXJpaUSZXQE|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

Server
Server
Date
Thu, 06 May 2021 22:31:53 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
214
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A2I5133pQUQEjXJpaUSZXQE; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 22:31:53 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 22:31:53 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Thu, 06 May 2021 22:31:53 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Set-Cookie
ad-id=A2I5133pQUQEjXJpaUSZXQE|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 22:31:53 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
aHvVWMte4r54oMaKlgYj8u.js
sc.tynt.com/script/sc/ Frame 4BD5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/aHvVWMte4r54oMaKlgYj8u.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc36ae6b63777193d07a34c3c3e192a3302ce00a8a2e35efc871ddfa1a6d2b55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
233720
status
200 OK
x-xss-protection
1; mode=block
x-request-id
8517dec9-9d99-43dd-8eab-d3e534030215
x-runtime
0.002950
x-content-digest
e8f5abf880d33fa545f079d7f0d1e91589741030
last-modified
Sun, 02 May 2021 14:07:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-request-id
09e568236f00000200d327d000000001
cf-ray
64b5a94bece00200-ZRH
x-rack-cache
fresh
expires
Mon, 03 May 2021 09:34:59 GMT
p
ic.tynt.com/b/ 		35 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aHvVWMte4r54oMaKlgYj8u&lm=6&ts=1620340312924&dn=RCIV&iso=0&us_privacy=1YNN&r=http%3A%2F%2Fwebmaila.mybluelight.com%2F&t=Bluelight%20-%20My%20Bluelight%20Personalized%20Start%20Page%20-%20Sign%20in
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip187.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
etag
"4bc8846c-23"
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-type
image/gif
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
traverse-container.js
static.traversedlp.com/v1/container/ Frame F2F9 		319 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.traversedlp.com/v1/container/traverse-container.js?clientId=0c2d84a5-48e2-4ae2-8c78-5323a5c5b315
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/view/redesign/common/phoenix/blankPhnx.html?v=34955
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-107.fra2.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
9e915db7e7b939baa2f601d36b96b2638ece7d9b703fa1bc1bbe893f36dddc25

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:53 GMT
Via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
Server
nginx/1.18.0
X-Amz-Cf-Pop
FRA2-C2
ETag
W/"13f-RQkPH65uRn4FGaLd8ma7jQ"
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
P3P
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
319
X-Amz-Cf-Id
nmuNcUIS9xiXpIof0ezZ-HB0NIK0j_yI_M6y5c6M7a6B7hw-riDBUA==
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 053E 		416 B
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1620283315.636908"
last-modified
Thu, 06 May 2021 06:21:11 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Thu, 06 May 2021 22:31:52 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1620340312~rv=27~id=d96af3faf72ca66bf3a8ae94958b3fcb; path=/; Expires=Thu, 06 May 2021 22:31:52 GMT; Secure; SameSite=None
c3RhcnQubXlibHVlbGlnaHQuY29t
tcheck.outbrainimg.com/tcheck/check/ Frame 6690 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/c3RhcnQubXlibHVlbGlnaHQuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:54 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
ca5fbcc523acfed8ba2c5441f93d6d58
Content-Length
16
Expires
Fri, 07 May 2021 10:31:54 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 6690 		43 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=10.105301076600226
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sat, 05 Jun 2021 22:31:52 GMT
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame C862 		416 B
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1620283315.636908"
last-modified
Thu, 06 May 2021 06:21:11 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Thu, 06 May 2021 22:31:52 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1620340312~rv=6~id=95b40a91e9d7359172f6db9bf07acd53; path=/; Expires=Thu, 06 May 2021 22:31:52 GMT; Secure; SameSite=None
c3RhcnQubXlibHVlbGlnaHQuY29t
tcheck.outbrainimg.com/tcheck/check/ Frame A8E4 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/c3RhcnQubXlibHVlbGlnaHQuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:53 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
181a8f9bfc6ab01cf0f7b5d482cf5c5f
Content-Length
16
Expires
Fri, 07 May 2021 10:31:53 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame A8E4 		43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.341431667816484
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sat, 05 Jun 2021 22:31:52 GMT
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 19CE 		416 B
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1620283315.636908"
last-modified
Thu, 06 May 2021 06:21:11 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Thu, 06 May 2021 22:31:53 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1620340313~rv=80~id=dce748fe74a35e979b699d5c9e75fb72; path=/; Expires=Thu, 06 May 2021 22:31:53 GMT; Secure; SameSite=None
c3RhcnQubXlibHVlbGlnaHQuY29t
tcheck.outbrainimg.com/tcheck/check/ Frame 3F06 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/c3RhcnQubXlibHVlbGlnaHQuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:53 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43162
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
11fe1e2f44427aba114f4109ce9ff00f
Content-Length
16
Expires
Fri, 07 May 2021 10:31:15 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 3F06 		43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=2.1142868678985614
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sat, 05 Jun 2021 22:31:53 GMT
sic.js
cdn-sic.33across.com/1/javascripts/ Frame 4BD5 		404 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
1de0329efc2318d33d0465562faa725975a514327d7c5e01b23e45d9501cb494

Request headers

Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 05 Apr 2021 16:50:31 GMT
server
cloudflare
age
242755
x-powered-by
Love
etag
W/"606b3fd7-65149"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
64b5a94cbb002397-ZRH
cf-request-id
09e56823f200002397ceb9c000000001
expires
Thu, 06 May 2021 23:31:53 GMT
connatix.player.css
cds.connatix.com/p/116015/ 		54 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/116015/connatix.player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f1c022aff023cba27a95c593e440595dfb6f16413a18483866e74a56e2563db5

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
br
last-modified
Thu, 06 May 2021 08:40:54 GMT
age
48313
etag
"fcaa0ea82bb0765612e6ce7eef717e24"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=31557600
accept-ranges
bytes
content-length
8363
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 053E 		610 B
991 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1620283316.31836"
last-modified
Thu, 06 May 2021 06:21:11 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Thu, 06 May 2021 22:31:53 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1620340313~rv=74~id=24a0b2333cf52bb5f7b887e9eabc16e7; path=/; Expires=Thu, 06 May 2021 22:31:53 GMT; Secure; SameSite=None
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame C862 		610 B
991 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1620283316.31836"
last-modified
Thu, 06 May 2021 06:21:11 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Thu, 06 May 2021 22:31:53 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1620340313~rv=88~id=0e3a401067600c503d0e774dfdac5f30; path=/; Expires=Thu, 06 May 2021 22:31:53 GMT; Secure; SameSite=None
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 19CE 		610 B
991 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1620283316.31836"
last-modified
Thu, 06 May 2021 06:21:11 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Thu, 06 May 2021 22:31:53 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1620340313~rv=88~id=0e3a401067600c503d0e774dfdac5f30; path=/; Expires=Thu, 06 May 2021 22:31:53 GMT; Secure; SameSite=None
pls
capi.connatix.com/core/ Frame D9A3 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5c3a10c31c4c834647d34f017301ebd19dd29d6ec366169236d7de4e4a596a91

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:31:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
view
securepubads.g.doubleclick.net/pcs/ Frame F315 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjZ1_r5e0N1ywoNTAQjbVaCzJumSId7CAfEpG5jhMac0Vo5gPUmMmQZfSo3F6dO-iO_gJMwz4ijRfeUrvePiCmx1aUtiDDVpj44MYStD1-DmvOhDVn9wqiY_GzIW__9KKIMUZPE-FUy2k-p3gO5cnh8uHdMr68Dx-qilsPzs33ZiqSFKAJ-p4BZR102J5nOvuDdurfZw__G4yZip4ejrO-N_8Q9IpYbnp-cqvFTmcVGAQ1uemRREs0VWAq62VbejXFtXDq8JoH6J8UgmpJv94un1tKhBlBR5lSJOdThmB3cLu5Gu0QZ1dGYZSoh5s&sai=AMfl-YTw0DJRvmYv0m9xQq5zCXZ2F7cManPPUwMXyGp8_OOpD9Mx8qn5HGtRlwJFNZuLS9eBWM02cRaSXBqbNVtYxRcUh8A1g8Mwvo7BKH0UaxRZBeXQ96ecIsZVMW42M-sf&sig=Cg0ArKJSzAMfnd1T0tvWEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:53 GMT
css
fonts.googleapis.com/ Frame AD6C 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,800
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9125/cnsmbl-audio-300x250-slider/widget/unit.js?cb=1620340312686
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89d8b796a471df6e63ffe88be81dfaf656ecbb57a2ac802d604f697c06b20da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 May 2021 20:35:56 GMT
server
ESF
date
Thu, 06 May 2021 22:31:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 May 2021 22:31:53 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame AD6C 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9125/cnsmbl-audio-300x250-slider/widget/unit.js?cb=1620340312686
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a048a9a193caa54661781d13db545442912a1ac76492acb4a4b2e936ef5810b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"864 / 497 of 1000 / last-modified: 1620339289"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21205
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6690 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnESk_vU_xUGA1S5uAMXP3X3L4zbb-c5RjUYDK9-ccgj4HUWZvQ0z0IgucHQ2Sxf0iYrMqI5b6gNhpvCHdYkkjH4-NJd_WBdHyMyXrR4_9J0FeOyYpj4iEUcfN8f7jRjjmzM8Rd6KPLpifoLgzd8rzRIRCnPHFC-moVV6SikXofSZbLCRuOA83eMw-KGG1F2YOpZID00MHjlI5YnQlC_ITjQsEOXpIT1Mms7TzBb9VFHVR3yzzIUgUJwTGMVlfDRh6rL0nv6xy3Fm_ZnyQmHzX-v1nToYfXdKIKqDvx1r77ytkQJ8vFANDYMzTky94&sai=AMfl-YTA6Vb8_iezD98-i7NYiD7W0YnhGqMqufWglAjNCkXZSXjGXHYZplmt2k3H3HDwEiBBVO0nqOkGYPnLh8_l8_tonglBs4KhH4dAVzqmdlB-hhqWOcAAtmb3mPmTOPO8&sig=Cg0ArKJSzDJsXKTWt1BKEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:53 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame 6690 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1620340313148&sessionId=045aa84f-ab62-2f09-e2fa-2ba4d5fa9529&url=start.mybluelight.com&cheqSource=1&cheqEvent=0&exitReason=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:53 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
584a6f6079c9f6244a9881b33f4b5aab
Content-Length
4
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4BD5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZaMv7MrgOPckmkA-iOOeKqMuvemnhqv5OWQcH5QYjeZ91kiZBwSkzfAQ33kVSD-PlMVpKOdVmd2t-pFdZlPf8W8Fm56YS2Z0A5PaDbQiE5cCGdzNy5gYdAIlWY1x5rr5flrxMe2CJrxvGUk_saPQkrAJYFLp56uz__Gnj5NXUtTFZsXTC0Y-CqZxXRzTTEOEvQjSzmPLkZf2fO5MJAmRtULQzNQnwbTjSG2whVmjj6_CUlPg8q0h_g_NxyX4aqW7iqh2Cp2a1b7UQMQWZx8SC9IvHpfv3LrYimWWXJruGpf1zgWBcMkYZcIwV8g&sai=AMfl-YTccKTmviaEva1m0mVoFq0m4KWD0PpomtMkN_esR9TqKhFBJw8N23CGOcl4ApkSZpxHj3-VF0RisCQp4pTjd5IYSqA03E801_9v0wPSjN4f6e7bOMMz_d9zr6TeLx_J&sig=Cg0ArKJSzGi1L2-P5K8lEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:53 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame A8E4 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1620340313177&sessionId=5c0500af-21ff-3c87-183d-329769b48501&url=start.mybluelight.com&cheqSource=1&cheqEvent=0&exitReason=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:53 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
fbafe150a5024fbfadd46e0f77fe3b62
Content-Length
4
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame A8E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvH7Tpj1oLPUCvZTGiDimX5LmfO9R6bTLuDXFirQbLezVtbZ5L3pF0X01jrbrPsemz5J0bf7yzuNl5MUW4bcp9JhJlBFcGaF6Cet0malvuvEYTswLRG3KYodvRLdyiIEU3CLVQsvibBE6PFOhxcvbm-Gf-BO6b4PXo4nvMf4NWmqVGWxMk_wbrsMmnfz8m9uJw5Y1EqY2UitTuWy1OXY7jCyOyEZuwnJyu1_OzIp6oPjykEmkgAwUCuwRo7KUIXj3ElxdfKwsmm-yvs6LBHGAtyqT1CnfmgJHrAEnUs4NLNbgiHjGuPLL6N7U_F5uh8&sai=AMfl-YQVKDS2cgguLuftSR8rDbzBqM-eosoj56SJXnyaDwT5uFVnZPEWsxCQsaFrGLxuTE-RINVuzH9qZkiQeatTy9cEJV-yg2Vw9kDJgI1lUjKtf0Q7gG5T_xGJ6qT8romk&sig=Cg0ArKJSzPcRHVSlJ678EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:53 GMT
sic.css
cdn-sic.33across.com/1/stylesheets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 05 Apr 2021 16:50:31 GMT
server
cloudflare
age
234460
x-powered-by
Love
etag
W/"606b3fd7-1c90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
64b5a94d7bd72397-ZRH
cf-request-id
09e568247300002397003bd000000001
expires
Thu, 06 May 2021 23:31:53 GMT
ast.js
acdn.adnxs.com/ast/ Frame 75A1 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
30654defc778040ccd8fae70f843909f7949b50f367edf1feab456f7d5e52b77

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:53 GMT
Content-Encoding
gzip
Age
20374
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
31011
X-Served-By
cache-lga21963-LGA, cache-fra19154-FRA
Access-Control-Allow-Origin
*
Last-Modified
Mon, 03 May 2021 16:50:57 GMT
Server
nginx/1.13.10
X-Timer
S1620340313.213901,VS0,VE0
ETag
W/"609029f1-15d37"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Tue, 04 May 2021 16:52:15 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 20571
apstag.js
c.amazon-adsystem.com/aax2/ Frame 06D7 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 04:56:33 GMT
content-encoding
gzip
server
Server
age
63319
etag
8975e8311e479cf7d71d71133ee2dff8
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id
iakkmh8nL7NlAjOlFW5sz33ebzvNqC1Ru2v8tU3f_ejIX8iXAy6lhg==
authorize
sic.33across.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/authorize?usPrivacy=1YNN&version=3.16.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&product=inview&userId=&sessionId=&publisherURL=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&referrerURL=http%3A%2F%2Fwebmaila.mybluelight.com%2F&publisherId=aHvVWMte4r54oMaKlgYj8u&publisher=start.netzero.net&maxTouchPoints=0&navigatorPropsCount=57&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=2742&_=1620340313190&callback=_tynt_jp.aelk7q2q9
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-110.static.steadfastdns.net
Software
/ Love
Resource Hash
621c104d4e3f1de7d5244e3c8fd4509d59716d2dd53b8fe8306a074edaa0bdbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-powered-by
Love
etag
W/"6b0-NgZ3G6+1zUOA+mKYBYELdVVCCsA"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-origin
*
access-control-allow-credentials
true
content-type
text/javascript; charset=utf-8
access-control-allow-headers
X-Requested-With, Authorization
view
securepubads.g.doubleclick.net/pcs/ Frame 3F06 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZwMeKfg0EwEGNWTpBkhTLXxLDI3vlnrV2yJbhpb3cQpqeERXvztojJqdBDZZH0KHyZnkiqRliiRDYZuH8DnYpIQp-E68Aa5elN5mHD2El-MGemCVK8KTzBOmPvWcBCm_-ulglNUpmLIm34kC1ySTiBnYBo84uFZQOyaAHCrRGbyJYLU9Ol3oDnOXqMq6zNI-xm6FYa66lL_tqk1UWlbabqvj6eGjw6lcb9leigHx2sV3OgzmalhSiLKx041y-YIu7PsXmSzr7DSLrUo6Ca1J54iIgt1_v_-S5yN01UNnnxaOdg7HSYguy7--_jQ_I&sai=AMfl-YQPldfNTKqjRL-DUSxZlm3VAP9K018Ab229dRk9x791WLj7fJSh_9XeM9jU4758zmh5Xn031Qj13xH5fEU8fbvY3C41mqKDHu-mjGi7_XSZfQMscL4NjlOpyhhf1ofZ&sig=Cg0ArKJSzG5Jgb-ZeigYEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 06 May 2021 22:31:53 GMT
wrap.js
clarium.global.ssl.fastly.net/gpt/a/ Frame AD6C 		139 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e15a93834f6ff26c0d7f39445fbd3220ddcb5643e6fcc78df0cd9ce4953c52e2

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:53 GMT
Via
1.1 varnish
Server
nginx
Age
145
X-Served-By
cache-hhn4064-HHN
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript;charset=UTF-8
Content-Encoding
gzip
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1620340313.285090,VS0,VE0
Content-Length
41282
X-Cache-Hits
37
iframe.js
yummy.consumable.com/9125/cnsmbl-audio-300x250-slider/widget/ Frame AD6C 		228 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yummy.consumable.com/9125/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1620340313196
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9125/cnsmbl-audio-300x250-slider/widget/unit.js?cb=1620340312686
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db823713172af39a01c2a7c3dc3d5bea1d41acf9b5f001ce28420293e548a331

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
last-modified
Thu, 31 Oct 2019 02:10:59 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
W/"e356d709f994afe12b193ca6c0c12a26"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
x-amz-cf-id
uTuYKQbe4IFgnOaptsOIXGH4-wLRBRfvMmZHhqb0rjVEehu1NANSOA==
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame 3F06 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1620340313202&sessionId=cea386a8-5533-8c0d-a6c8-2f0583598fd7&url=start.mybluelight.com&cheqSource=1&cheqEvent=0&exitReason=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:53 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
39f1f7445df1fb6e38268db11cf01354
Content-Length
4
Expires
0
pubads_impl_2021050501.js
securepubads.g.doubleclick.net/gpt/ Frame AD6C 		303 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061006
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
9cd58fce5ff7afd625c8e887719242e31afdc0bbfd418eb34d1eb8c9789b84a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109323
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:53 GMT
v2
de.tynt.com/deb/ 		4 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=aHvVWMte4r54oMaKlgYj8u&dn=RCIV&cc=1&r=http%3A%2F%2Fwebmaila.mybluelight.com%2F&us_privacy=1YNN
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:52 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 26 Jul 1997 05:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 06D7 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
1
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
3qcoao3N5eFLD5xqgBzp3uPHRXD3HhDHYf2ZMeGGMHbQ2E4_kxFFSg==
get
odb.outbrain.com/utils/ Frame 6690 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=netzero.net&idx=0&rand=28692&key=NANOWDGT01&widgetJSId=GS_5&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=525&settings=true&recs=true&version=2000339&sig=d7lBGNLD&apv=false&osLang=en-US&winW=525&winH=220&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&wdr-natlaz=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4236591748038ce6b9c43827bd8f862c51aa550525d6c5fd2443a0c89234766

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.75.49
x-cache-hits
0, 0
x-traceid
b95028b462e130cedba5ed2d6a8f20da
content-encoding
gzip
content-length
10514
x-served-by
cache-mdw17349-MDW, cache-fra19135-FRA
x-timer
S1620340313.340075,VS0,VE320
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
get
odb.outbrain.com/utils/ Frame A8E4 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=netzero.net&idx=0&rand=16233&key=NANOWDGT01&widgetJSId=GS_5&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=525&settings=true&recs=true&version=2000339&sig=zevWedd1&apv=false&osLang=en-US&winW=525&winH=220&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&wdr-natlaz=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
91881ad7d4097fba9b028ed7a8802f47fafc80481b7672edfa33ad5977c3bf3b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.75.32
x-cache-hits
0, 0
x-traceid
e62422cb5aef10a73a6c4ba9a0e1cea2
content-encoding
gzip
content-length
10474
x-served-by
cache-mdw17332-MDW, cache-fra19135-FRA
x-timer
S1620340313.340157,VS0,VE321
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame B90E 		2 KB
983 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
33447b1fc76cec3cba308358ce3b18ba6d20cc051429123d085aedeff6d6ef1e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2I5133pQUQEjXJpaUSZXQE; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t

Response headers

Server
Server
Date
Thu, 06 May 2021 22:31:53 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
622
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
get
odb.outbrain.com/utils/ Frame 3F06 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=netzero.net&idx=0&rand=89291&key=NANOWDGT01&widgetJSId=GS_5&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=525&settings=true&recs=true&version=2000339&sig=NvX0yTQz&apv=false&osLang=en-US&winW=525&winH=220&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&wdr-natlaz=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7d9862600738e86e113c8b52c9b52cefe413cdc8d7178c48acd3c5cce9ca4f6

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.75.77
x-cache-hits
0, 0
x-traceid
6f83bee91a28cf5de8bf81d1c56aaab3
content-encoding
gzip
content-length
10548
x-served-by
cache-mdw17377-MDW, cache-fra19135-FRA
x-timer
S1620340313.340066,VS0,VE364
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
v2
de.tynt.com/deb/ 		4 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&id=aHvVWMte4r54oMaKlgYj8u&dn=RCIV&cc=1&r=http%3A%2F%2Fwebmaila.mybluelight.com%2F&us_privacy=1YNN
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
https://start.mybluelight.com/start/sp.do?cf=EOW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
cs.emxdgt.com/ Frame B90E 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:00 GMT
content-length
0
content-type
text/html
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F433 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4515efa506e7eef88a2a03193a1d8524618b56886d9929ccf3029b7685688a89

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YJRuWPBednFrO4SxEmtV.QAA; CMDD=AALURQE*; CMST=YJRuWGCUblgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|230|39|218|188|176|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1692
Expires
Thu, 06 May 2021 22:31:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 06 May 2021 22:31:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YJRuWPBednFrO4SxEmtV.QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 May 2022 22:31:53 GMT CMPS=5205;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 Aug 2021 22:31:53 GMT CMPRO=1215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 Aug 2021 22:31:53 GMT CMST=YJRuWGCUblkB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 07 May 2021 22:31:53 GMT CMRUM3=2760946e590b40&5860946e5905a0&b060946e5905a00&f160946e5905a0&e660946e5927600&2d60946e5905a0&bc60946e5905a00&da60946e5927600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 May 2022 22:31:53 GMT CMDD=AALURQE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 07 May 2021 22:31:53 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1086 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=76175
Expires
Fri, 07 May 2021 19:41:29 GMT
Date
Thu, 06 May 2021 22:31:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5225
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-2RJX25Z1l2MbC.LCNtaHCH3AMBq_HaY-&
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-2RJX25Z1l2MbC.LCNtaHCH3AMBq_HaY-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2I5133pQUQEjXJpaUSZXQE; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Thu, 06 May 2021 22:31:54 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Thu, 06 May 2021 22:31:54 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1xza;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Sat, 07-May-2022 22:31:54 GMT;Secure;SameSite=None A3=d=AQABBFhulGACEJBUHRPjiNybAP5Z_lqqY1AFEgEBAQG_lWCeYAAAAAAA_eMAAA&S=AQAAAhrqIFZWRFdK9joWycLtp10; Expires=Sat, 7 May 2022 04:31:54 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=50otab9g98rio&b=3&s=19; Expires=Sat, 7 May 2022 04:31:54 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-2RJX25Z1l2MbC.LCNtaHCH3AMBq_HaY-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
cm
u.openx.net/w/1.0/ Frame 78B0 		628 B
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
944caf7dcb1b06f433f1dfca88ef55d52546ca2f99ebf5027890957fb1d325b7

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=6855148b-95e4-493f-9c84-bd1152347927|1620340312
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=6855148b-95e4-493f-9c84-bd1152347927|1620340312; Version=1; Expires=Fri, 06-May-2022 22:31:53 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620340313|gen0vNiygu; Version=1; Expires=Fri, 21-May-2021 22:31:53 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 06 May 2021 22:31:53 GMT
content-type
text/html
content-length
394
content-encoding
gzip
via
1.1 google
alt-svc
clear
current
amazon-tam-match.dotomi.com/match/bounce/ Frame E115 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Thu, 06 May 2021 22:31:53 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
Cookie set amazon
ap.lijit.com/beacon/ Frame CA55
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
4def9488fbd893619efff7718077c8521d0c9530c9256e8579db40338cafd823

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=75dceddf9fb94857879a4914
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:31:53 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVrIwUbIyNDMyNDWxtDQ01lGyMEXlm5qh8g0NUPkmxsj8WgCbkRBY;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:31:53 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=75dceddf9fb94857879a4914;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:31:53 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap7ams1

Redirect headers

Server
nginx
Date
Thu, 06 May 2021 22:31:53 GMT
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljt_reader=75dceddf9fb94857879a4914;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:31:53 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ams1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 78B0 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=e32f57af-20c9-cd32-065c-f76e5e20813a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:53 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 78B0
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=U4dGBFPSSglIgUhRXdJSVlGBRgBIhRxUUNNTj6S0
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=U4dGBFPSSglIgUhRXdJSVlGBRgBIhRxUUNNTj6S0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:53 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=U4dGBFPSSglIgUhRXdJSVlGBRgBIhRxUUNNTj6S0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 78B0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4232242844760825305
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4232242844760825305
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:53 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:53 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4232242844760825305
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 78B0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=bbf92bd2-3c63-76c8-c652-75f936134ada&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.69.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 78B0 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc5NmY4MTgtZjUxNC0yODZjLWQzYjItMmY0MGZjZjE4NGJh
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 78B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJdVbsck1h6uv5F7rC_tcYQ&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJdVbsck1h6uv5F7rC_tcYQ&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:53 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJdVbsck1h6uv5F7rC_tcYQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CA55 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=75dceddf9fb94857879a4914&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:53 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame CA55
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AABt9E7BKN0AADEs5oZmag&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AABt9E7BKN0AADEs5oZmag&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:56 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AABt9E7BKN0AADEs5oZmag&gdpr=0
Date
Thu, 06 May 2021 22:31:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
merge
ce.lijit.com/ Frame CA55
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=1871878969834174420
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=1871878969834174420
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:01 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=1871878969834174420
Date
Thu, 06 May 2021 22:32:00 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame CA55
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=0PFQedCkXHTL914s3qREK9L3UH3L8wop06XP_7iC
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=0PFQedCkXHTL914s3qREK9L3UH3L8wop06XP_7iC
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:53 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=0PFQedCkXHTL914s3qREK9L3UH3L8wop06XP_7iC
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame CA55
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2991395683
  • https://sync.1rx.io/usersync/tradedesk/6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d
  • https://sync.targeting.unrulymedia.com/csync/RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
  • https://ce.lijit.com/merge?pid=56&3pid=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:00 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=56&3pid=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
date
Thu, 06 May 2021 22:31:59 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX59e2dcb9394c41f9acb5fe82b55d215d003
content-type
text/html
merge
ce.lijit.com/ Frame CA55
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=75dceddf9fb94857879a4914&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:55 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 6 May 2021 22:31:55 GMT
server
Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-19-31.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame A8E4 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1620340313486&sessionId=5c0500af-21ff-3c87-183d-329769b48501&url=start.mybluelight.com&cheqSource=1&cheqEvent=3&responseTime=521
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:53 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
cc10c926a9600c1d1938ae51ddbc9553
Content-Length
4
Expires
0
action.json
yummy.consumable.com/9125/cnsmbl-audio-300x250-slider/js/ Frame AD6C 		2 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yummy.consumable.com/9125/cnsmbl-audio-300x250-slider/js/action.json?ac=IMPRESSION&fp=&a=%7B%7D&ts=1620340313618&tba=0&et=0&furl=https%3A%2F%2Fapi.deezer.com%2Fplaylist%2F5106688248%2Ftracks%3Flimit%3D100%26output%3Djsonp&dd=0&vi=false&vd=0&sid=52288bc9-433c-4c53-8fb0-49123754cb37&cb=1620340313618&hr=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&hn=start.mybluelight.com&pl=
Requested by
Host: yummy.consumable.com
URL: https://yummy.consumable.com/9125/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1620340313196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:56 GMT
via
1.1 8da78542dac6b4328eb443200c30bbff.cloudfront.net (CloudFront)
last-modified
Thu, 31 Oct 2019 02:10:59 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
"d751713988987e9331980363e24189ce"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-max-age
60
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
content-length
2
x-amz-cf-id
yP5h2Pu5KqjQhBDMx6QTmPLC5oJr-vTAcYO2oQwhEU8nyf7XKtUASg==
tracks
api.deezer.com/playlist/5106688248/ Frame AD6C 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AB53 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
a30a4a350b665415cb951d678d4d3d24afbe2dce719abf4e7b97128ba03cfdb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"864 / 693 of 1000 / last-modified: 1620339182"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21221
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:53 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 75A1 		435 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
972335fd3c0870bc4b15685e71260f07d959d779d302a0869145bf446892ea26
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:54 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.142:80
AN-X-Request-Uuid
a55bbb8d-cb22-42c1-a4ba-fc6d2a2dd7ee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://start.mybluelight.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
435
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 75A1 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3ccf3ad0ae317d94ded082b5053c9a9f2cd2df63960978777a0c27e53e314afd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 06 May 2021 22:31:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.57:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a861f4b1-8362-4ca6-bc13-a998910d4588
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://start.mybluelight.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 75A1 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3822b9dbd21db190c087148b8e8ccc9961054a4941c9eb11637c64ece99139d8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 06 May 2021 22:31:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.228:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
442fa362-406d-42d1-b3fa-5f5aa3ed9956
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://start.mybluelight.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
exchange
ssc.33across.com/api/ 		88 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.248.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
36ccdaf06e49eeb09afa15b1562bbe513dbc7fb4fba5046cea08c9d36e65bff2

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://start.mybluelight.com
access-control-allow-credentials
true
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ Frame 6690 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Sat, 05 Jun 2021 22:31:53 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 6690 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sat, 05 Jun 2021 22:31:53 GMT
l
mcdp-chidc2.outbrain.com/ Frame 6690 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=95f13d527308e62183a5ae6ad6e0861e_10278_1620340313589&tm=786&eT=0&widgetWidth=525&widgetHeight=248&widgetX=0&widgetY=0&tpcs=0&wRV=2000339&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
X-TraceId
43a99dbe934d7c5a94d5df33f68b9a57
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
placement_invocation
ob.cheqzone.com/ Frame 6690 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.113.194.12 Münster, Germany, ASN47447 (TTM, DE),
Reverse DNS
edge-481.b-cdn.net
Software
BunnyCDN-DE1-481 /
Resource Hash
4f65c38ed3681b49cf4f86c0e1fcd4143fa78015121b20e69e11c1c422dd0bfa

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
br
cdn-edgestorageid
481
cdn-cachedat
2021-05-06 22:18:35
cdn-pullzone
62714
cheq_headers_order
Content-Type Cache-Control Expires Etag Date Connection Content-Length
server
BunnyCDN-DE1-481
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control
public, max-age=43200
cdn-requestid
55e273ac0076d94f86eac1b66017a083
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 10E1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5fdaa349d7c6604c4b5215c9335cf142c3d4e5c43b737b20876d5e82bb3f6a04

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"70a03e43d4fe8839cb5d3b8f73ba3af6:1620222995.351847"
last-modified
Wed, 05 May 2021 13:56:24 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Fri, 07 May 2021 22:31:53 GMT
date
Thu, 06 May 2021 22:31:53 GMT
content-length
5464
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1620340313~rv=5~id=677c77fa6b4b928da8417d9cfd7735da; path=/; Expires=Thu, 06 May 2021 22:31:53 GMT; Secure; SameSite=None
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ Frame A8E4 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Sat, 05 Jun 2021 22:31:53 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame A8E4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sat, 05 Jun 2021 22:31:53 GMT
l
mcdp-chidc2.outbrain.com/ Frame A8E4 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=5ce403546d1f3d79034ebb855d354bc8_10278_1620340313585&tm=783&eT=0&widgetWidth=525&widgetHeight=216&widgetX=0&widgetY=0&tpcs=0&wRV=2000339&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
X-TraceId
318f6a5f740eef3d9fb2d4d72c76f61b
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
placement_invocation
ob.cheqzone.com/ Frame A8E4 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.113.194.12 Münster, Germany, ASN47447 (TTM, DE),
Reverse DNS
edge-481.b-cdn.net
Software
BunnyCDN-DE1-481 /
Resource Hash
4f65c38ed3681b49cf4f86c0e1fcd4143fa78015121b20e69e11c1c422dd0bfa

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
br
cdn-edgestorageid
481
cdn-cachedat
2021-05-06 22:18:35
cdn-pullzone
62714
cheq_headers_order
Content-Type Cache-Control Expires Etag Date Connection Content-Length
server
BunnyCDN-DE1-481
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control
public, max-age=43200
cdn-requestid
b94f8de5c70ac4323575983d96b83a02
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 8122 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5fdaa349d7c6604c4b5215c9335cf142c3d4e5c43b737b20876d5e82bb3f6a04

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"70a03e43d4fe8839cb5d3b8f73ba3af6:1620222995.351847"
last-modified
Wed, 05 May 2021 13:56:24 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Fri, 07 May 2021 22:31:53 GMT
date
Thu, 06 May 2021 22:31:53 GMT
content-length
5464
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1620340313~rv=37~id=63ab71acaaf35eb21740159dfc566dac; path=/; Expires=Thu, 06 May 2021 22:31:53 GMT; Secure; SameSite=None
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ Frame 3F06 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Sat, 05 Jun 2021 22:31:53 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 3F06 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sat, 05 Jun 2021 22:31:53 GMT
l
mcdp-chidc2.outbrain.com/ Frame 3F06 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-chidc2.outbrain.com/l?token=d193576c47c95f2f27dd8c743b13acd7_10278_1620340313631&tm=768&eT=0&widgetWidth=525&widgetHeight=216&widgetX=0&widgetY=0&tpcs=0&wRV=2000339&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
X-TraceId
6aeaca1220ff532c66cf413413566f94
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
placement_invocation
ob.cheqzone.com/ Frame 3F06 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.113.194.12 Münster, Germany, ASN47447 (TTM, DE),
Reverse DNS
edge-481.b-cdn.net
Software
BunnyCDN-DE1-481 /
Resource Hash
4f65c38ed3681b49cf4f86c0e1fcd4143fa78015121b20e69e11c1c422dd0bfa

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
br
cdn-edgestorageid
481
cdn-cachedat
2021-05-06 22:18:35
cdn-pullzone
62714
cheq_headers_order
Content-Type Cache-Control Expires Etag Date Connection Content-Length
server
BunnyCDN-DE1-481
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control
public, max-age=43200
cdn-requestid
feca7f0eff103e5fe3ea1305436dcf42
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame AAAC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5fdaa349d7c6604c4b5215c9335cf142c3d4e5c43b737b20876d5e82bb3f6a04

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"70a03e43d4fe8839cb5d3b8f73ba3af6:1620222995.351847"
last-modified
Wed, 05 May 2021 13:56:24 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Fri, 07 May 2021 22:31:53 GMT
date
Thu, 06 May 2021 22:31:53 GMT
content-length
5464
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1620340313~rv=28~id=8f297fba313e78737cd4f5956a108df4; path=/; Expires=Thu, 06 May 2021 22:31:53 GMT; Secure; SameSite=None
eyJpdSI6ImYxOTNjNzFkYjY0YzdkNzk3NTlhOWIwYjYzNzYwYTY1YTE0YWNmZjM0MWI2Y2FjZWNlM2VkZTE0NWM0YThjMjAiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 6690 		0
0
eyJpdSI6IjZhNDA5MmNlOTc1MjRhYzcyY2NjYTVlNzY5NzI5ZGVkMDE4N2Q2NDg3MzA2MWM4NTYxYjYyMWRmZWRmNDczNzgiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 6690 		0
0
eyJpdSI6IjhhYmVjMTkwODI1NWRiZjAzY2I5NWUyMDkxYzM1NzFkY2Q1NmJhNGE2OTEwZDEzODkyMzFkODlhMjA2NDNkMTMiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 6690 		0
0
eyJpdSI6IjFhODE0YmM4ZGVmNjVjZDFlYzhiN2JiOGE2MjcxOWZjMjRjMGMyZGE0YjYwMDI2ZGM0MDVlZTMxNzkzNTU0MjMiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 6690 		0
0
eyJpdSI6IjZhNDA5MmNlOTc1MjRhYzcyY2NjYTVlNzY5NzI5ZGVkMDE4N2Q2NDg3MzA2MWM4NTYxYjYyMWRmZWRmNDczNzgiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame A8E4 		0
0
eyJpdSI6ImYxOTNjNzFkYjY0YzdkNzk3NTlhOWIwYjYzNzYwYTY1YTE0YWNmZjM0MWI2Y2FjZWNlM2VkZTE0NWM0YThjMjAiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame A8E4 		0
0
eyJpdSI6IjhhYmVjMTkwODI1NWRiZjAzY2I5NWUyMDkxYzM1NzFkY2Q1NmJhNGE2OTEwZDEzODkyMzFkODlhMjA2NDNkMTMiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame A8E4 		0
0
eyJpdSI6ImM1ZGU2YzU5ZGJiMGY2ZDM4ZmQwNGYxNGZjODZkOGYwMTY5YWM5MWVjNjczMDRlMTdlYTZmOWVkOGUyODUyNWEiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame A8E4 		0
0
eyJpdSI6IjZhNDA5MmNlOTc1MjRhYzcyY2NjYTVlNzY5NzI5ZGVkMDE4N2Q2NDg3MzA2MWM4NTYxYjYyMWRmZWRmNDczNzgiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 3F06 		0
0
eyJpdSI6ImM1ZGU2YzU5ZGJiMGY2ZDM4ZmQwNGYxNGZjODZkOGYwMTY5YWM5MWVjNjczMDRlMTdlYTZmOWVkOGUyODUyNWEiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 3F06 		0
0
eyJpdSI6IjhhYmVjMTkwODI1NWRiZjAzY2I5NWUyMDkxYzM1NzFkY2Q1NmJhNGE2OTEwZDEzODkyMzFkODlhMjA2NDNkMTMiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 3F06 		0
0
eyJpdSI6IjZhNmIwMmQ1OTNkY2ZlNmRjNmY2Njc3ZmY4MGQyYWJjZWE3MmVmYWY0ZDJiNzkzZjYwOWY0NzlkMDgxNWI0YTUiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 3F06 		0
0
sr
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:31:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
a30a4a350b665415cb951d678d4d3d24afbe2dce719abf4e7b97128ba03cfdb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"864 / 740 of 1000 / last-modified: 1620339182"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21221
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:53 GMT
2_media.bin
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/ Frame D9A3 		291 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/2_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5318e840176e55b911ac8b7e854b9d597cc41edd46e85b862e0262269ac16bf6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:39:13 GMT
age
30544
etag
"8345a3cf2bb4df8aa8174b4fde31655e"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=31557600
accept-ranges
bytes
content-length
255
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D9A3 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e4b9cd929a11b17e0e60bd59847ed9415873288642b2954a726ade34a75e2eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117174
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:53 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame 3F06 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1620340313825&sessionId=cea386a8-5533-8c0d-a6c8-2f0583598fd7&url=start.mybluelight.com&cheqSource=1&cheqEvent=3&responseTime=838
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:53 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
3ea320c7952cb4bba18e92bf6a005a86
Content-Length
4
Expires
0
pubads_impl_2021042801.js
securepubads.g.doubleclick.net/gpt/ Frame AB53 		300 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 08:37:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108145
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:53 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 3F06 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d193576c47c95f2f27dd8c743b13acd7&pvId=d193576c47c95f2f27dd8c743b13acd7&sid=2422423&pid=10278&idx=0&wId=833&pad=4&org=0&tm=845&eT=3&cnsnt=no_consent&wRV=2000339&pVis=1&lsd=-1&eIdx=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:53 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
4f40acab85a2591974b1538d8dc0c6a3
Content-Length
4
Expires
0
crum
dsum-sec.casalemedia.com/ Frame F433
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJRuWPBednFrO4SxEmtV.QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 06 May 2021 22:31:54 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F433 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YJRuWPBednFrO4SxEmtV-QAABL8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:54 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame F433
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJRuWPBednFrO4SxEmtV-QAABL8AAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEA2PNrImugQRqTmq91R0kWM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEA2PNrImugQRqTmq91R0kWM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 06 May 2021 22:31:54 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEA2PNrImugQRqTmq91R0kWM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F433 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YJRuWPBednFrO4SxEmtV.QAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.69.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
demconf.jpg
dpm.demdex.net/ Frame F433
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJRuWPBednFrO4SxEmtV.QAA%261215
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJRuWPBednFrO4SxEmtV.QAA%261215
42 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJRuWPBednFrO4SxEmtV.QAA%261215
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.91.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-0e1009880.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RY4LV/m8QEY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v005-0c7d1f46b.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
L7gra76GRHc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJRuWPBednFrO4SxEmtV.QAA%261215
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
CookieIndex
rtb.adentifi.com/ Frame F433 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.51.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
113
match.deepintent.com/usersync/ Frame F433 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:56 GMT
content-length
0
server
a
rum
dsum-sec.casalemedia.com/ Frame F433
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YJRuWwAAziE1gwA4
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJRuWwAAziE1gwA4&_test=YJRuWwAAziE1gwA4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJRuWwAAziE1gwA4&_test=YJRuWwAAziE1gwA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 06 May 2021 22:31:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620340315.144193,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJRuWwAAziE1gwA4&_test=YJRuWwAAziE1gwA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F433 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YJRuWPBednFrO4SxEmtV-QAABL8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:53 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ Frame 10E1 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:18:23 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
811
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
BLER97bN2RzJhPTAjV7b4Z6oTx8V-D6u3Y0vPSoENCE_n68IQHx30g==
beacon.js
sb.scorecardresearch.com/ Frame 8122 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:18:23 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
811
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
es9VrryCZpLuiE4E5TbB0aYEgyF_TfIVNOj7FKG_YagX6PMJ7I8BAg==
beacon.js
sb.scorecardresearch.com/ Frame AAAC 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:18:23 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
811
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
BdyL1kLOPUJJSN--L3GHRyhpMlJRpEkFNI0ubdI5wB9XbJidaPZHeg==
show_pla
obs.cheqzone.com/ Frame 6690 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=735022782041018729852921401575107428959199767817027153167825086011&nc=0&tsf=0&tsfmi=&pv=0&cb=1620340313995&ref=http%3A%2F%2Fwebmaila.mybluelight.com%2F&pit=1&hl=2&op=0&fs=525x220&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDU0MTFdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiMTAs%0D%0AWEh4ZzFqMHpFbEFRd0oxUUVja3Z6b3ZiY0FJWlNFRWpBaEpJUVFCd2dsOUY0Q0JBZ1FXZ2lkMExI%0D%0AQkJlT0dqYnZYM3FZeU02Lyt2enZTN0dvWEd3aC8rYk1samJUeWFvN09QZiJdLFstMywiW10iXSxb%0D%0ALTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJpbkRhcElGXCIsXCJpbkdwdElG%0D%0AXCIsXCJkaWNuZlwiLFwidmlld1JlcVwiLFwidnVcIixcIl9fZ29vZ2xlX2xpZGFyX1wiLFwib3Nk%0D%0AbGZtXCIsXCJfX2dvb2dsZV9saWRhcl9hZGJsb2Nrc19jb3VudF9cIixcIl9fZ29vZ2xlX2xpZGFy%0D%0AX3JhZGZfXCIsXCJPQlJcIixcIk9CX3JlbGVhc2VWZXJcIixcIk9CUiRcIixcIk9CX1BST1hZXCIs%0D%0AXCJvdXRicmFpblwiLFwib3V0YnJhaW5fcmF0ZXJcIixcIl9fY3RjZ182NTM0OV8wX2V4ZWNcIl0s%0D%0AXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCItIl0sWy0xMCwiLSJd%0D%0ALFstMTEsIntcInRcIjpcIlwiLFwibVwiOltdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0x%0D%0ANCwie1wib1wiOjAuNzYxOTA0NzYxOTA0NzYxOX0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcs%0D%0AIjE2Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIs%0D%0AMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsNTI1LDIyMCwwLDAsMCwwLFwiLVwiLFwiLVwi%0D%0AXSJdLFstMjAsIjEzNjY3NDU0MzguMTYyMDM0MDMxMCJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIs%0D%0AXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoz%0D%0AOTYwMDAwMCxcInVqaHNcIjozMTIwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlsw%0D%0ALDkuNSwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTIl0sWy0yOSwie1widlwiOlsyLDIsMiwy%0D%0ALDAsMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMx%0D%0ALCJ0cnVlIl0sWy0zMiwiMiJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2MjAzNDAzMTM5%0D%0AMTIsLTJdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItIl0sWy0zOCwiYywtMSwt%0D%0AMSwtMTYyMDM0MDMxMjY3MSwwLDAsMCwwLDAsMTYyMDM0MDMxMjY3MSwwLDIsMTM3Ljg5NSwxMzcu%0D%0AODk1LDEyNDEsMTI0MSJdLFstMzksIltcIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJOZXRzY2Fw%0D%0AZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMz%0D%0AIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDAx%0D%0AMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsMCwwLDAsMCwwLDc2MiwwLDY0OCww%0D%0ALDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0s%0D%0AWy00NywiRXVyb3BlL0Jlcmxpbixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5%0D%0ALCItIl0sWyJibmNoIiwxMTddXQ%3D%3D&tsfu=&fst=1600x1200&dep=1&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A8%2C%22w%22%3A525%2C%22h%22%3A248%7D%2C%7B%22w%22%3A525%2C%22h%22%3A220%7D%2C%7B%22x%22%3A468%2C%22y%22%3A2382%2C%22w%22%3A525%2C%22h%22%3A220%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=Ro0v9ngWUc&sdd=%7B%7D&pto=1326&ao=https%3A%2F%2Fstart.mybluelight.com&aol=1
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
72cd1c0961c5e83168f998c70150c39d60a5113be957be004cad03ada6539fee

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1439
expires
Fri, 01 Jan 1990 00:00:00 GMT
g
capi.connatix.com/rtb/ Frame D9A3 		860 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c8dd6eab03b23e069d9086f9a17f8bd6f53f373fe18278ac9a60b88dd8af9a25

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:31:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/1_th.jpg?crop=450:253,smart&width=450&height=253&format=jpeg&quality=60&fit=crop
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
296e700243c64d5219a26e409e45646f0ec82eee4e87c83c973b5c8ff2ec29cd

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
age
36599
etag
"dOWuvYl2aTeVXhFufYH8dUcU9yz1I08wF9ajOEJtVdw"
access-control-max-age
86400
fastly-io-info
ifsz=82539 idim=2560x1440 ifmt=jpeg ofsz=9018 odim=450x253 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
9018
show_pla
obs.cheqzone.com/ Frame A8E4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=140265101032515292126005421106692397075221808912168814202881595002&nc=0&tsf=0&tsfmi=&pv=0&cb=1620340314065&ref=http%3A%2F%2Fwebmaila.mybluelight.com%2F&pit=1&hl=2&op=0&fs=525x220&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDIzMzZdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiMyxY%0D%0ASHhnMWowekVsQVF3SjFRRWNrdnpvdmJjQUlaU0VFakFoSklRUUJ3Z2w5RjRDQkFnUVdnaWQwTEhC%0D%0AQmVPR2pidlgzcVl5TTYvK3Z6dlM3R29YR3doLytiTWxqYlR5YW83T1BmIl0sWy0zLCJbXSJdLFst%0D%0ANCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcImluRGFwSUZcIixcImluR3B0SUZc%0D%0AIixcImRpY25mXCIsXCJ2aWV3UmVxXCIsXCJ2dVwiLFwiX19nb29nbGVfbGlkYXJfXCIsXCJvc2Rs%0D%0AZm1cIixcIl9fZ29vZ2xlX2xpZGFyX2FkYmxvY2tzX2NvdW50X1wiLFwiX19nb29nbGVfbGlkYXJf%0D%0AcmFkZl9cIixcIk9CUlwiLFwiT0JfcmVsZWFzZVZlclwiLFwiT0JSJFwiLFwiT0JfUFJPWFlcIixc%0D%0AIm91dGJyYWluXCIsXCJvdXRicmFpbl9yYXRlclwiLFwiX19jdGNnXzY1MzQ5XzBfZXhlY1wiXSxc%0D%0AIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIi0iXSxbLTEwLCItIl0s%0D%0AWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W119Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0%0D%0ALCJ7XCJvXCI6MC43MzY4NDIxMDUyNjMxNTc5fSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywi%0D%0AMTYiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwx%0D%0ANjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCw1MjUsMjIwLDAsMCwwLDAsXCItXCIsXCItXCJd%0D%0AIl0sWy0yMCwiMTM2Njc0NTQzOC4xNjIwMzQwMzEwIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixc%0D%0AIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjM5%0D%0ANjAwMDAwLFwidWpoc1wiOjMxMjAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAs%0D%0AOS41LDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMiXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIs%0D%0AMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEs%0D%0AInRydWUiXSxbLTMyLCIyIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTYyMDM0MDMxNDA1%0D%0ANSwtMl0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0iXSxbLTM4LCJjLC0xLC0x%0D%0ALC0xNjIwMzQwMzEyNjc2LDAsMCwwLDAsMCwxNjIwMzQwMzEyNjc2LDAsMiwxMzIuOTQsMTMyLjk0%0D%0ALDEzNzksMTM3OSJdLFstMzksIltcIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwi%0D%0ALFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMzIl0s%0D%0AWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDAxMTEw%0D%0AMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsMCwwLDAsMCwwLDc2MiwwLDY0OCwwLDAs%0D%0AMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00%0D%0ANywiRXVyb3BlL0Jlcmxpbixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCIt%0D%0AIl0sWyJibmNoIiwyOF1d&tsfu=&fst=1600x1200&dep=1&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A8%2C%22w%22%3A525%2C%22h%22%3A216%7D%2C%7B%22w%22%3A525%2C%22h%22%3A220%7D%2C%7B%22x%22%3A468%2C%22y%22%3A1747%2C%22w%22%3A525%2C%22h%22%3A220%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=BNFvaWiLJH&sdd=%7B%7D&pto=1390&ao=https%3A%2F%2Fstart.mybluelight.com&aol=1
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f237dbce70a08310ddb180c0d0ea077e07d6b9efd19d9c990aa174be0a569343

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1449
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_pla
obs.cheqzone.com/ Frame 3F06 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=032766100231291680212629411958619400558710280581158913526187525875&nc=0&tsf=0&tsfmi=&pv=0&cb=1620340314110&ref=http%3A%2F%2Fwebmaila.mybluelight.com%2F&pit=1&hl=2&op=0&fs=525x220&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDU1MjFdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiMixY%0D%0ASHhnMWowekVsQVF3SjFRRWNrdnpvdmJjQUlaU0VFakFoSklRUUJ3Z2w5RjRDQkFnUVdnaWQwTEhC%0D%0AQmVPR2pidlgzcVl5TTYvK3Z6dlM3R29YR3doLytiTWxqYlR5YW83T1BmIl0sWy0zLCJbXSJdLFst%0D%0ANCwiLSJdLFstNSwiLSJdLFstNiwie1wid1wiOltcIjBcIixcImluRGFwSUZcIixcImluR3B0SUZc%0D%0AIixcImRpY25mXCIsXCJ2aWV3UmVxXCIsXCJ2dVwiLFwiX19nb29nbGVfbGlkYXJfXCIsXCJvc2Rs%0D%0AZm1cIixcIl9fZ29vZ2xlX2xpZGFyX2FkYmxvY2tzX2NvdW50X1wiLFwiX19nb29nbGVfbGlkYXJf%0D%0AcmFkZl9cIixcIk9CUlwiLFwiT0JfcmVsZWFzZVZlclwiLFwiT0JSJFwiLFwiT0JfUFJPWFlcIixc%0D%0AIm91dGJyYWluXCIsXCJvdXRicmFpbl9yYXRlclwiLFwiX19jdGNnXzY1MzQ5XzBfZXhlY1wiXSxc%0D%0AIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIi0iXSxbLTEwLCItIl0s%0D%0AWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W119Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0%0D%0ALCJ7XCJvXCI6MC43MzY4NDIxMDUyNjMxNTc5fSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywi%0D%0AMTYiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwx%0D%0ANjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCw1MjUsMjIwLDAsMCwwLDAsXCItXCIsXCItXCJd%0D%0AIl0sWy0yMCwiMTM2Njc0NTQzOC4xNjIwMzQwMzEwIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixc%0D%0AIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjM5%0D%0ANjAwMDAwLFwidWpoc1wiOjMxMjAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAs%0D%0AOS41LDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMiXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIs%0D%0AMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEs%0D%0AInRydWUiXSxbLTMyLCIyIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTYyMDM0MDMxNDEw%0D%0AMywtMl0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0iXSxbLTM4LCJjLC0xLC0x%0D%0ALC0xNjIwMzQwMzEyNjgwLDAsMCwwLDAsMCwxNjIwMzQwMzEyNjgwLDAsMywxMjkuMzU1LDEyOS4z%0D%0ANTUsMTQyMywxNDI0Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBl%0D%0AXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzMi%0D%0AXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDEx%0D%0AMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCwwLDAsMCwwLDAsNzYyLDAsNjQ4LDAs%0D%0AMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxb%0D%0ALTQ3LCJFdXJvcGUvQmVybGluLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDks%0D%0AIi0iXSxbImJuY2giLDIyXV0%3D&tsfu=&fst=1600x1200&dep=1&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A8%2C%22w%22%3A525%2C%22h%22%3A216%7D%2C%7B%22w%22%3A525%2C%22h%22%3A220%7D%2C%7B%22x%22%3A468%2C%22y%22%3A1112%2C%22w%22%3A525%2C%22h%22%3A220%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=ub632rx5O7&sdd=%7B%7D&pto=1431&ao=https%3A%2F%2Fstart.mybluelight.com&aol=1
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
909701f338c95b37e912e5a5c7b87d7ea9c253b893a464352c8fbaba236e4f92

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1446
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.454.1_en.html
imasdk.googleapis.com/js/core/ Frame 91FF 		570 KB
186 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.454.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ff75b07b679b038da08955f58b2c32940a82005f22d4f7138259dfe9fe80635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.454.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
190798
date
Thu, 06 May 2021 01:40:41 GMT
expires
Fri, 06 May 2022 01:40:41 GMT
last-modified
Thu, 06 May 2021 01:32:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
75073
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame D9A3 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:54 GMT
bridge3.454.1_en.html
imasdk.googleapis.com/js/core/ Frame 7C0E 		570 KB
186 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.454.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ff75b07b679b038da08955f58b2c32940a82005f22d4f7138259dfe9fe80635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.454.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
190798
date
Thu, 06 May 2021 01:40:41 GMT
expires
Fri, 06 May 2022 01:40:41 GMT
last-modified
Thu, 06 May 2021 01:32:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
75073
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.454.1_en.html
imasdk.googleapis.com/js/core/ Frame 8CE8 		570 KB
186 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.454.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ff75b07b679b038da08955f58b2c32940a82005f22d4f7138259dfe9fe80635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.454.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
190798
date
Thu, 06 May 2021 01:40:41 GMT
expires
Fri, 06 May 2022 01:40:41 GMT
last-modified
Thu, 06 May 2021 01:32:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
75073
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame D9A3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
b2
sb.scorecardresearch.com/ Frame 10E1
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2Fo...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2F...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
I3lkVpBNlK65Oo07VAM6245TuhGqbY8PFag3PEYFzU_SKKLzx0GcwQ==

Redirect headers

date
Thu, 06 May 2021 22:31:54 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F
content-length
447
x-amz-cf-id
G3kn7ol5iWB49Ff4lESNODESNlIuPv8c1t2RB-fVZrfpC1osq-Rwzg==
b2
sb.scorecardresearch.com/ Frame 8122
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2Fo...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2F...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
vZJPp5fwsLBbf0fWCUCgt1xcKBzkEEgHc5e9AQSbllSlCcLGvkaZXQ==

Redirect headers

date
Thu, 06 May 2021 22:31:54 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314162&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F
content-length
447
x-amz-cf-id
-ibvfuqbByYjaMcVfTTt6Kua7h2MrST1UPbfvEl68VFMr1Z9jr-ewA==
b2
sb.scorecardresearch.com/ Frame AAAC
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314163&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2Fo...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314163&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2F...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314163&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
JgvbXJ9Z_regYNapa0ii-44omZSXeOQJiUy6CeCYK0ntvFLtK4lrEg==

Redirect headers

date
Thu, 06 May 2021 22:31:54 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=10278&cs_ucfr=1&ns__t=1620340314163&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D10278%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fstart.mybluelight.com%2F
content-length
447
x-amz-cf-id
_YDp21SYVpoaS5mwxlFm9OMKtpPm-IbkFiuy-u0L94ixzDB00am2_A==
playlist.m3u8
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/ Frame D9A3 		309 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/playlist.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:39:12 GMT
age
34132
etag
"8a966507b13615ecdc1330a4bc9dcfe1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=31557600
accept-ranges
bytes
content-length
164
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame 6690 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1620340314200&sessionId=045aa84f-ab62-2f09-e2fa-2ba4d5fa9529&url=start.mybluelight.com&cheqSource=1&cheqEvent=3&responseTime=1254
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:54 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
281e1b5267d4c8e2be9a2fc948ac39d3
Content-Length
4
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4BD5 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYKnS5pOLlsBBNxB2SJ0bnpDg9aO65pjAjRCQ_8_sQ6okndcXWlFE72sWVh5PBESDMHTaOwt0gROguRo7-s0lcIg8XfrXag7Hwkjtyh20&sig=Cg0ArKJSzKtttAvpH3KqEAE&id=lidar2&mcvt=1005&p=1179,1308,1180,1309&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210505&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3467785237&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1620340312705&dlt=0&rpt=300&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 026E 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:14:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1049
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 06 May 2021 23:14:25 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 148D 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:14:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1049
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 06 May 2021 23:14:25 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3FDB 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:14:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1049
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 06 May 2021 23:14:25 GMT
0.m3u8
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/ Frame D9A3 		720 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/0.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57f11b2992a94d65f5b588f416b1af3161954bc2503941c09ec42c26de4e9d19

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:39:11 GMT
age
34131
etag
"d264400a9ddc3476c84fdafd0d4c8014"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=31557600
accept-ranges
bytes
content-length
278
spacer.gif
static.uolcontent.com/images/ 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AE%3Aappnexus%20bidding%20errors%3A%20Top2%20jsonp%20script%20loading%20failed%3A%20timeout%2CBottom2%20jsonp%20script%20loading%20failed%3A%20timeout%2CTop1%20jsonp%20script%20loading%20failed%3A%20timeout%2CBottomRight%20jsonp%20script%20loading%20failed%3A%20timeout&command=ADLOG&count=1620340314287
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Sat, 05 Jun 2021 22:31:54 GMT
spacer.gif
static.uolcontent.com/images/ 		43 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AI%3Abids%3DTop2%3A12345%7C0%3B46202%7C0%3B46224%7C0%3B46737%7C0%3B46700%7C0%3B46764%7C0%3B46250%7C0%3B46152%7C0%3B46357%7C0%3B46470%7C0%3B46234%7C0%2CBottom2%3A12345%7C0%3B46200%7C0%3B46222%7C0%3B46735%7C0%3B46698%7C0%3B46762%7C0%3B46248%7C0%3B46154%7C0%3B46358%7C0%3B46473%7C0%3B46232%7C0%2CTop1%3A12345%7C0%3B46199%7C0%3B46221%7C0%3B46734%7C0.01%3B46697%7C0%3B46761%7C0%3B46247%7C0%3B46151%7C0%3B46355%7C0%3B46474%7C0%3B46238%7C0%2CBottomRight%3A12345%7C0%3B46201%7C0%3B46223%7C0%3B46736%7C0.02%3B46699%7C0%3B46763%7C0%3B46249%7C0%3B46153%7C0%3B46356%7C0%3B46472%7C0%3B46233%7C0%2CLeft%3A12345%7C0%3B46272%7C0%3B46279%7C0%3B46738%7C0%3B46701%7C0%3B46765%7C0%3B46359%7C0%3B46471%7C0%3B46281%7C0%26tt%3D2024%7Ca9v2%3A562%7Cadtech%3A282%7Cindex%3A185%7Crubicon%3A356%7Cpubmatic%3A277%7Copenx%3A282%7Cappnexus%3A2021%7Cbreal%3A283%7Ccriteo%3A366%7Cconversant%3A68%7Csovrn%3A282%26du%3D0%26site%3Duolstart%26pn%3Ddesk%2Fhome%26fl%3D1%26ar%3D0&command=ADLOG&count=1620340314288
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Sat, 05 Jun 2021 22:31:54 GMT
spacer.gif
static.uolcontent.com/images/ 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.uolcontent.com/images/spacer.gif?msg=AS%3AI%3AbidsWon%3DTop1%3A46734%7Crubicon%7C0.01%2CBottomRight%3A46736%7Crubicon%7C0.02%26site%3Duolstart&command=ADLOG&count=1620340314288
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.136.44.49 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
content.dca.untd.com
Software
lighttpd /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
last-modified
Wed, 04 Jan 2017 07:38:14 GMT
server
lighttpd
access-control-allow-origin
*
etag
"4030218971"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
nncoection
close
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43
expires
Sat, 05 Jun 2021 22:31:54 GMT
integrator.js
adservice.google.ch/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=start.mybluelight.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=start.mybluelight.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		124 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3830630729570559&correlator=2296549680476338&output=ldjh&impl=fifs&eid=31060899%2C676982996&vrg=2021042801&ptt=17&us_privacy=1YNN&sc=1&sfv=1-0-38&ecs=20210506&iu_parts=21228205%2CLBT_TOP_ISP_ATF%2CLBL_BTM_ISP_BTF%2CMRT_TOP_ISP_ATF%2CMRL_BTM_ISP_BTF%2CSKY_LFT_ISP_ATF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%2C728x90%2C300x250%2C300x250%2C160x600%7C120x600&prev_scp=UOL_POS%3DTop2%26uolpagename%3Ddesk%252Fhome%26uoldialup%3Dfalse%26uolbrand%3DBL%26uolrotate%3Dfalse%7CUOL_POS%3DBottom2%26uolpagename%3Ddesk%252Fhome%26uoldialup%3Dfalse%26uolbrand%3DBL%26uolrotate%3Dfalse%7CUOL_POS%3DTop1%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D0661e00e-a2d1-4f70-a05e-1eb096066c7b%26uolpagename%3Ddesk%252Fhome%26uoldialup%3Dfalse%26uolbrand%3DBL%26uolrotate%3Dfalse%7CUOL_POS%3DBottomRight%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D09a8aab4-91fd-4b07-84fa-48aa77847d64%26uolpagename%3Ddesk%252Fhome%26uoldialup%3Dfalse%26uolbrand%3DBL%26uolrotate%3Dfalse%7CUOL_POS%3DLeft%26uolpagename%3Ddesk%252Fhome%26uoldialup%3Dfalse%26uolbrand%3DBL%26uolrotate%3Dfalse&cookie=ID%3Ddcacad81cb47a00e-22be7f260ac800f8%3AT%3D1620340312%3AS%3DALNI_Mao0tGnAPiTDaRDUIKwU6Rpt9orLQ&bc=31&abxe=1&lmt=1620340314&dt=1620340314309&dlt=1620340309298&idt=3169&frm=20&biw=1600&bih=1200&oid=3&adxs=582%2C582%2C1010%2C1010%2C290&adys=10%2C1093%2C241%2C496%2C241&adks=3493789625%2C3106991557%2C58431305%2C2184520972%2C3176455463&ucis=7%7C8%7C9%7Ca%7Cb&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&ref=http%3A%2F%2Fwebmaila.mybluelight.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1%7C728x-1%7C300x250%7C300x250%7C160x600&msz=728x-1%7C728x-1%7C300x250%7C300x250%7C160x600&psts=AGkb-H-xpgY__jfpgwC_cItkauLtWn-9aQzetNeU9SWjQMw9LVs-MO3_UQIvv55DLa4soU0GtTrh6VebCt0A%2CAGkb-H8nn0iGPWFfgyZyCla26C9QiQE-Aiu3u1I8W2B0VvbGKnDbkIgVfa8VjC_Gts25ugGKW5e7PIg6s5Hm%2CAGkb-H8YrX_wz9BgjnJrKU1mQiQvQdw2a8S_KlmdTAgo-Pv2csE5mDcPmp5QzFnwQN6NDACULv9taPhcYp3P%2CAGkb-H9ndVGXYOuKBw4aNs0Cl-6hj9FaECsmb4QzyniJUy6utp9ELgpAlk2kX4zRwqiHbi4Yai4KTD60Y2jf%2CAGkb-H9cInPZ040DpM2MXwod8moVYAbnOC0lCf0FXP6aSLhns2ruGpFaJD8FxarmpInbg_PFMmQeGjkA5btk%2CAGkb-H89y4TEOJHEWXIvwSgk5j0dLY07o-hZfv0sGhhjxW_ZnV2Vomzmvp1cOhyD_5SZ_yjjT6j0eCbvKpIj&ga_vid=1366745438.1620340310&ga_sid=1620340313&ga_hid=104796195&ga_fc=false&fws=512%2C512%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
711e6895c1e81a4ba7a3ea582360a538c178a49be8472c5119f50345ea597ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://start.mybluelight.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/0.mp4
Protocol
H2
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://start.mybluelight.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Thu, 06 May 2021 22:31:54 GMT
access-control-max-age
86400
cache-control
max-age=31557600
access-control-allow-origin
*
content-length
0
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/ Frame D9A3 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d565ea94d0c69827276438316106be3fb0291cf2a30211634b99adb27bded566

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-1361

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
last-modified
Thu, 15 Apr 2021 19:39:11 GMT
age
34130
etag
"86fff583a9260d22bf5a0cc18705195c"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1361/5750850
cache-control
max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1362
imp.gif
obs.cheqzone.com/tracker/ Frame 3F06 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001368eec431ea448b999225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7dfe1474ab9488bbd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d27795d1bca1daeeb01e2cf72cb1b2f92c5732bf823195b340ba40465781090e8dd4c38681eb923bce6a88dee5897bbf2b2d6e872f7ac690911f2383b374fd5bb29718c121fd27151e539765ff439cd0be71f8df78d60ae49fca976895594a7afa501f56745f32c6a16cf954c2cf9732e88f77b196219acca9f87acfe8b411266e8fea4f49d7f7510b4cb4fcec74ae5199f65fefe532b17ca92d9651d208caae3cc10624e5ad8e7b393f601f370d5c16b6fc8f6ad21eaa434e4144e4a61ccd920a788baac3a8ee7ec8ecf8eec3a9bdfb4f532eb812c4f00c2cf01c2045933a03267efc3fed334cdef98223986ad768&cb=1620340314420&cri=ub632rx5O7
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:54 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
imp.gif
obs.cheqzone.com/tracker/ Frame A8E4 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001368eec431ea448b999225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7dfe1474ab9488bbd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d2779281e8a58ee7e11b7ba326e3b2fc2f543dba866797b714e7414752d50f098185c38681eb923bce6a88deb3db29b47c7a6482792dc6c2c74e7c84e822ad05b0c319c727af7a181f57c864ff439cd0be71f8df78d60ae49fca976895594a7afa501f56745f32c6a16cf954c2cf9732e88f77b196219acca9f87acfe8b411266e8fea4f49d7f7510b4cb4fcec74ae5199f65fefe532b17ca92d9651d208caae3cc10624e5ad8e7b393f601f370d5c16b6fc8f6ad21eaa434e4144e4a61ccd920a788baac3a8ee7ec8ecf8eec3a9bdfb4f532eb812c4f00c2cf01c2045933a03267efc3fed334cdef98223986ad768&cb=1620340314424&cri=BNFvaWiLJH
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:54 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 91FF 		156 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1939125785558531&cust_params=domains%3Dstart.mybluelight.com&sdkv=h.3.454.1&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=8463076&sdk_apis=2%2C8&sid=ADE6255D-ED65-44F8-A56C-FE0F5030D415&url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&ref=https%3A%2F%2Fstart.mybluelight.com%2F&dt=1620340314430&cookie=ID%3Ddcacad81cb47a00e-22be7f260ac800f8%3AT%3D1620340312%3AS%3DALNI_Mao0tGnAPiTDaRDUIKwU6Rpt9orLQ&scor=769418916167619&ged=ve4_td1_er585.506.737.806_vi0.0.1200.1600_vp100_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.454.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
imp.gif
obs.cheqzone.com/tracker/ Frame 6690 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001368eec431ea448b999225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7dfe1474ab9488bbd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d27798d5befb8ebbb61079a37abfeaf82e5530bc826192e042e6434e53d10c0ed6d6c38681eb923bce6a88dee3dc79e82f2e6ed17878cf92971a7c84ba22ad5ae79449c22df92c434c079c32ff439cd0be71f8df78d60ae49fca976895594a7afa501f56745f32c6a16cf954c2cf9732e88f77b196219acca9f87acfe8b411266e8fea4f49d7f7510b4cb4fcec74ae5199f65fefe532b17ca92d9651d208caae3cc10624e5ad8e7b393f601f370d5c16b6fc8f6ad21eaa434e4144e4a61ccd920a788baac3a8ee7ec8ecf8eec3a9bdfb4f532eb812c4f00c2cf01c2045933a03267efc3fed334cdef98223986ad768&cb=1620340314440&cri=Ro0v9ngWUc
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:54 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/0.mp4
Protocol
H2
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://start.mybluelight.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Thu, 06 May 2021 22:31:54 GMT
access-control-max-age
86400
cache-control
max-age=31557600
access-control-allow-origin
*
content-length
0
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/ Frame D9A3 		571 KB
571 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe4cf4be31252f80b04b22bbddb86819cc2f18998e059fd11597f431807b708d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1362-585642

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
last-modified
Thu, 15 Apr 2021 19:39:11 GMT
age
34130
etag
"86fff583a9260d22bf5a0cc18705195c"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1362-585642/5750850
cache-control
max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
584281
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7D18 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=89906
Expires
Fri, 07 May 2021 23:30:20 GMT
Date
Thu, 06 May 2021 22:31:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 7D18 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=18223223&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6e42eb7f22d641ef8a61e4eb669df3370ecd74dc0c9c4865841f57037c508659

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:55 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/0.mp4
Protocol
H2
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://start.mybluelight.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Thu, 06 May 2021 22:31:54 GMT
access-control-max-age
86400
cache-control
max-age=31557600
access-control-allow-origin
*
content-length
0
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/ Frame D9A3 		544 KB
545 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c3a73f7d-01b5-48fb-8e9f-dec2b997c4ef/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb5ff41b830d18a69aa2fad2570ff9c34130430d3d8d7e183567c253e22aae8d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=585643-1142840

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
last-modified
Thu, 15 Apr 2021 19:39:11 GMT
age
34131
etag
"86fff583a9260d22bf5a0cc18705195c"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 585643-1142840/5750850
cache-control
max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
557198
mq
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/mq?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:31:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
ps
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:31:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
integrator.js
adservice.google.com/adsid/ Frame D9A3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 7C0E 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6148&description_url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2705146031565401&cust_params=domains%3Dstart.mybluelight.com&sdkv=h.3.454.1&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=1477365757&sdk_apis=2%2C8&sid=D57FBAC7-BC6F-468C-8C16-547786FAACC3&eid=44732023&url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&ref=https%3A%2F%2Fstart.mybluelight.com%2F&dlt=1620340312691&idt=1686&dt=1620340314743&cookie=ID%3Ddcacad81cb47a00e-22be7f260ac800f8%3AT%3D1620340312%3AS%3DALNI_Mao0tGnAPiTDaRDUIKwU6Rpt9orLQ&scor=3245569127998139&ged=ve4_td2_tt1_pd2_la2000_er585.506.737.806_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.454.1_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
g
capi.connatix.com/rtb/ Frame D9A3 		2 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:31:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
integrator.js
adservice.google.com/adsid/ Frame D9A3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
container.html
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E105 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 06 May 2021 22:31:52 GMT
expires
Fri, 06 May 2022 22:31:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FEE4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 06 May 2021 22:31:52 GMT
expires
Fri, 06 May 2022 22:31:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DEB2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 06 May 2021 22:31:52 GMT
expires
Fri, 06 May 2022 22:31:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2674 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 06 May 2021 22:31:52 GMT
expires
Fri, 06 May 2022 22:31:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 5959 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
129694
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Wed, 05 May 2021 10:30:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 May 2022 10:30:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5959 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
392396
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Sun, 02 May 2021 09:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 May 2022 09:31:58 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5959 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
392396
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Sun, 02 May 2021 09:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 May 2022 09:31:58 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5959 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
392396
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Sun, 02 May 2021 09:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 May 2022 09:31:58 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5959 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
392396
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Sun, 02 May 2021 09:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 May 2022 09:31:58 GMT
css
fonts.googleapis.com/ Frame 5959 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 May 2021 21:42:23 GMT
server
ESF
date
Thu, 06 May 2021 22:31:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 May 2021 22:31:54 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/9949255321741820077/ Frame 5959 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9949255321741820077/2076313506083323656
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89e112dabd3964ab457435f97cc6f90d4f93dd0eb2f3d519f783a538370d590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 07:26:46 GMT
x-content-type-options
nosniff
age
313508
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26020
x-xss-protection
0
last-modified
Fri, 30 Apr 2021 15:25:39 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 May 2022 07:26:46 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/462894021858575030/ Frame 5959 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/462894021858575030/downsize_200k_v1?w=100&h=100
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c33abaf9f5aa6a3183ce6f7c76cfb0820e2cdc1098c7845dec0214fbd2342e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:58:20 GMT
x-content-type-options
nosniff
age
110014
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1436
x-xss-protection
0
last-modified
Tue, 16 Oct 2018 13:41:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 May 2022 15:58:20 GMT
truncated
/ Frame 5959 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5959 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcfa6aee5d982d83a5f5cdec3c3a0783b23b45cd665658935d2cea33317aef67

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5959 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
28500
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 07 May 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5959 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
889
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 07 May 2021 22:17:05 GMT
l
www.google.com/ads/measurement/ Frame 5959 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCe5YLd4hNH8CxqhUy8B_bTD2Qh-__PyNS2i3xr54upNqHFiJ8hFpFmiE7qHHjmU-ykL-Jnd-X7xCtDMLWp_Dp-goekA
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 5959 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct1BNWm6UYMORF9abgQe3_L2ABYzfmMti1enI3NcN7JHiuZUREAEgrbGrIWD1lc6B4ASgAbnZwfwDyAEJqQKZ6G7ZRneyPuACAKgDAcgDCqoE9QFP0NIjrmCJoag2RVutZMzKuyuDdl57gUsXFz91kLU5hsLwUJMutYDjd9lW4FAu9GeSdsz0faDQmoNYtKWUsCwLerxEPfC9ttvLz5OOG9KIuGfqPm4v_lHN7PY23s7AL95mH17--nDIGsDVBOlPJJNLp75vRiOnpFB-WlUBfrfRj-wFv70I9DKUnLP2RyRIqb-Kul6rGOiGcKlg5sa2-O0mWy7IYYM2FqpoHEjb_lYZy-LxJ6fIezoolcxlVE4xVwL-dscjyLwbEQTn9C0RsnyhmR3fDsIG4sBlT08v8FXIFFsl96LrLmqZ8GPxLH4pp-w0oWy4Z8AEyavRlvwB4AQBkgUECAQYAZIFBAgFGASgBi6AB6-mvgOoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ4fcN0ggHCIBhEAEYHYAKA8gLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi02MzY1NDQ4NTg3MDAyMzcx&sigh=rJ_s_ciEnvI&template_id=484
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5959 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://start.mybluelight.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
24986
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 06 May 2022 15:35:29 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5959 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://start.mybluelight.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
410912
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 02 May 2022 04:23:23 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0418 		478 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNUNEm7XAhxVFR8avuGdIZsEI5jkI4eoGfDAcfhlGDE0qYVv0CNu7Clm33umCVuFgpl72qgqtt735Vm-cc3J0H9RUkNB6A
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNUNEm7XAhxVFR8avuGdIZsEI5jkI4eoGfDAcfhlGDE0qYVv0CNu7Clm33umCVuFgpl72qgqtt735Vm-cc3J0H9RUkNB6A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm35hAwjlHEOHPM3k_MWXtuOqt8F5LQPehJPyqko9k1TPHXmhZs0GVYbZ6G53I
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 06 May 2021 22:31:55 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 2674 		24 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DN_jdG3BA-2dybQpcrEAw78PhFUhcU21NlrWyAyGcp-NPGqxDC60olAhacGDchp-slbB7wxakqQ4vYNpcjz7IeSssYhoDH_0u8FA50xXNdfuFKajCj0fCjEHLJniQ7or4nCx7XcbpSGcRGBEeQSrH-Sk5uAw&cry=1&dbm_d=AKAmf-BUOZVnj_5i28OlMMua4VrS3q3WDHkYh-DbS7fd-rwZbnBIV7AqEp4ZXyEbquHlJJemHkFpvP-clydFGytwczd9dTsq07CZpOJWWst30gLpoiMVV8K-RXLFL52pSOdSMOqeqK-AMcsY2im_fRDhs63JcftoeHWXmneJiRmjYxHWfrKV1NZWZOhWMcjxAgF1feEkjcxJk1G3nI0Na32ivmI2lZBAAFGbkwbK30a_Yp00nmVSTKnUOupFJdOBgsvzd_AGp8L7x0esQIcxf-cv3No9J1AzEDpWMCNDu75nkoUszB8ilJFzVxxgYA6MXRIplWHF0VcLgDM--7tWUCy22dsDH04IHA4ikGC1fF6ZgPbZI-AKqYa2GP1DeQDCT3Eq5EROO3g3C7sTdNphBHavswOo7H2-SMDiOkEHcj_Atfb-VYq4VJXoZPYjgE-uuMq0bMj0fzr5TtdaAUShAzv5xcpeqmDDL9w613ywa2ZqIQVeNaLWXZFbZZrX7KOhTEPiL3iVPf-fsdSQwg9ehRb0iI_Waau_iQtpo_Yidt_XBzEdKQzLWI4Q22L_meUrEXEKpP671HaRwkCIAD-6HWrKN9pQulAfY0XtKmWMs9elaStyQ8Ubus5u_UvB6vIsBQfvbGECLhKagT_GRKK1BPtskWTSDq4k5GlwSOEpb9P3QtCU8HOSHTR8NibGH7Yv_IEIgJMpAdo1A_kfMoR0AuUcIsgG195HBE-F1wf5HgIE_8j36FauhE8pa9K91moHrsjoyp6vjkaOt0kMh5MeHD4kC8q4MmEaEj4-J4jRXxhHuvG5wxMrbwq_8Vj-0fFvpXMmQX0uY209o6jk2JvoJOMvAA0rqqCt0l6FMcXZFmYmnt1dpkZoXuxEjEXYpsmTlImbQBMiGyvgHXRsyqq-0mSHOj53rfIzkGXI_myGZKGMJWJD8_hiBfwnZi2ELVfW2c4qxsfIbgb61yh70G4uiDp2-tm-qb6O3FRoRMmrc8Qk8L0_U1fydYMwSy_xTM4bxpYMh9g9vU5uhBnafAraQICpp6YOzihmxabfNBGmfW_PV1aTFaf9G0DEwzCtQaMx6TofphA-2_wT9WUi4FCC8NJcjdCPGKJYJZ29qFZjgDqI1UQdYU7jkNs1lGNzC6bZmBMWsx322IXKZvCIDRyKJC5Ztr6kysBnkRMRaXPnBIfzHcPzZBgZ4QBtQ9Y_nt3lNVxf34VU_qoUvzYeoTB9zdv3zFDhJCSjtF4wqEWYGCq3sMyOU4sEHM0rG3dWx-dLQCL6Fluok2vgXoUSd0uplJpPeGsPyUXoujLb74ZprAZfqNwfQYeqRokbfSOoxQzVqe-aEWgso2iFKDe352oRDOCsQ4bBCBqXGuAIMfzq0tF9_rqOjLVKi-_PTWNRR3ctP-gISb4lmsc9uBgvRolDaYJm4vRn3mmN_cBmPOglNBdvJw_cWQsQjWUiRhK8SH_2ANJT3d-xKoORkvq9sTELt_uoM1CJNXQgv9FZfWlT5FzZzvHH8rPtEEVG0Bi7kAzivkxmFlXPX9y0Ap4YNdppCVS0NxTsyKFhAzKNt5Ni23i8s4yCMUkWQ_7g5h4aCMRn-88Dq4YCmmIQy7lHnlTBTxO7vWSEq6w_8cJ8cPmfTv-EXC6gH2VkZu3ruuG3fp1sdczdMp8nYbLoLeJ2XBw9ruS_pu9dVqY-uQ9S0-V5_YOGugoOCplpC0iD3tnNFAqxSUQk_LOM6e8U4amdXn5YY7NRW1NHXkQQYuczocV2zqBcGRLbmZzBEIqaBAB1IZBHQBQO5czxVHeiHEaTGWs2hH4MK9crKzSFTlsfrJeCjdMpk5JJ6CXoGfD3TzJT091T7nySeXTU4Whhf7K850W_YSQqeddi6srQwI5kWlL1J6trKvSfAFV3wYw0Fi-miROZAElE-DTgoZIHZ6iiOoo08XzrC7Nj_s_USPX-ZJlhoPeGcCOIy_9U2xJ2VkshYoEGCljDSc_aby15OM3tvOV-94U6q-_yKsLMiOFUPx2WEaL5lM_ZVZdKVPzKBwSR66OpSrvZhAUJ8swaoOYcb76KXeQo8r8ZiAoYr_D6CY2seIozJ9a-EEP41-7uGUPrSVokMYwdcn5UH5lSmdtbJAB6259-R_nUVzUeyMykSrfjnkEQAfw3-Tr8KvQ18UpZzR8Zd6sL3uumsjCv5Gor7eE6rkhZuXGzUi9xtBu2xtunTQlxII9kUIFI2jWbU6mXCQkJVvvFmlP7D1OGTi4W1v1VqX8-_gPDvMGZGlkiGlv2FJlhiMM4yYDxiimooe2ktHoF6W-oJK3jRZelSV4nRpkRWDyknY0bVIiT0MsZwxz_9XHZNj7Khk9RJ5dZHMu6I3kb68UvkIwf9nuRRBJ8USZ830MmIkibWpyeFjAfyk7jJgZCgRNHepRkLBc6PqI5iuYiKC4tdVrwT40RXLI72D6nCrHfjxGaKNBu5DOQHhNSY7dvj80VgbG5SFNWWNTNgYtXZaMtH80xthfklhGbBohirUf95wc6RbQk9GsrmgZwI23UuIOlQM_xDx5z51TJ_plEgKDQFxK8T6EL_zBl7pa98gTI3t_W0-Ir1tbi4O0fueY6xo-jf0CF-4DiIe4HJKNdeMO4EfhUpeAqkMVeGib3PbgK_QOb2_4dXixM_l0Ve32PVutktiYeN7z6FNQ0V_hKZacxxFV5NRSAJbbA1wtHoBB1Goka_pjWkBWtYRKKRTvuVuUgNBflgdj0gWLDATN-46QYp1UyEAuSdksmQZN1_d4zhTNOlg-RcLIYVkvFOSiMfbm-7zSYBxYmsRAXnYRpFDqOA8VjzTn8APqnM_VX4VoCKXVvcJFFV3HmViDbxmJLoz3VxRwhqW-_-A38joZttUunvWVtUUtpMDWSgu5DOaSFtBa-pMGzKzgXCuRQQC7NoIsJ7X6BHMJ_sngLvYTLxfWHWQunujxKAx5NyuQZ8lAZNTqM8KugEPmGxlWeLCvWvcHFIOLkqir30GmOeo9AcLr8N5jiT2z4taMkGGtJqF8oYlwCKp4tM6n8afEKM2njmjPaFzwL0NQDfhtV8to3mGFY6MbFx8s1qxgQRvLeZJAZQl2CiJ-cGqK0_ce1oIZBiilK_jDR11hq3BmIoGD5ZkPurwXGEt3k05iPmjnl3EirEKhufuzzFdQ-HyTIR-rqPXvRmyTxgnq4frAJi6bFvA2HvlcIfkvk6biCT0SuY7B6DU-bI_dtpARlJiBIGonmZRj4j-qEXLhATb4iKU8nTI6-hliFWTj2MvshoyfelvABkpsOZ0jGeYt8l2FSk7JfCmqSxHtYJ34koo0uM1DdUX24omVWdma1bQi9waGzhh5FBXJrpD4fna_YUV9o94VtCbob3Orz7W9Rq6aZrxnJvm2qXR7jaXQ-8kWVvOpZfEMgtUnAji-7fKk3emTQGUT_KHto9OLzrsg-1GTYoVWkFuKC9Hn9zxnDqoM_f7s3Cqw8SbSlxdPBzlduWrQsho2aTQO2IompJaqMTALgTBQ7iNrndosyvlimD91NgqvNvnEWYs5aEqDrRQ&cid=CAASEuRoN3BBSeC1Z9KHhfFStb6WYg&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
86f84762dbc511e4c949982921c7a7e649036d9a942392a28881e8dab17e6b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12155
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2674 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CuBQxTGjDIOhUHPkuX1nPkB3HgAPLnkepfKC7HMZgv98P54NNmcic90_07U30MecfIZJ14ryMewajaNmh4O7_xcfJKaHsCOaC_FuY7721-DQ6sVYk
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
live-tag.bannersnack.com/iframe/ Frame 2674 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/iframe/embed.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b83531b52ab388ca2e41c92b3e5916127ed04b6286cbe1192c802640beeb078a

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 07:24:07 GMT
content-encoding
gzip
last-modified
Fri, 10 Jul 2020 07:39:56 GMT
server
AmazonS3
age
54471
etag
"30f5e3d9a15d04b0cd044a5a807687d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
960
x-amz-cf-id
oitP4L6BUBorIOC5_13RTi8wsZDk9TdyAF_Wk9STcfn7lZHC8R2DKA==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/ Frame 2674 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/window_focus_fy2019.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:20:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2674 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214045155586"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36073
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/ Frame 2674 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:30:29 GMT
l
www.google.com/ads/measurement/ Frame 2674 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRTziB_6O48_aluGsZu0g0-7Eqvm7SBHJRM68kpMOM8kIKHL3pz3fao23dEG7JXVr6KU2sazHH0rU6hd6lv4BVr7zgizA
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame C5F7 		478 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYj424mAEwAQ&v=APEucNXEkxezedyxpL90JL5P86PUH4UetfiptlZqLyaPriubkYDqzpHUp_6r_PWh4whWIBN0IsKpmgK6oKgt8AvZnGVtRJMznA
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COjuwgIQ1_mTogIYj424mAEwAQ&v=APEucNXEkxezedyxpL90JL5P86PUH4UetfiptlZqLyaPriubkYDqzpHUp_6r_PWh4whWIBN0IsKpmgK6oKgt8AvZnGVtRJMznA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm35hAwjlHEOHPM3k_MWXtuOqt8F5LQPehJPyqko9k1TPHXmhZs0GVYbZ6G53I
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 06 May 2021 22:31:55 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame DEB2 		23 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbbfiYu0c11bwNv3MEHCAyu_dycpGaKDtWUwfW3fnLHeSrJ9VaUS7okmuC9MEDNjSi6Bgot_fNoZ1B6132yGt7it_uI7q7I26QTSz-tkuSdrPTXecwLVWjd5fqdLtliOrzuBc4EVT50R9NGgGATQbYmo2qtA&cry=1&dbm_d=AKAmf-ASHMtg3isH2mZx9Ngs0OovbK1XT_ZNubpGtNkT6KiVf86YylN__R0f8vYy-_q7VUMHgjHfOpf481wgyUPg0gGQFr3XHiGIU_2PF7SY1ipaV_LAhRRiIvrKNtlyApSku5I-XkjR3QAd_hqAZ-boZqIVtAkBk1XPravhC3v1kfwuDQcN99or9TkpHkPH_eFW4FWMsbDZJKfWM0vnVNJYtFoyRyg5Erj7I4eFG7z2rvaHngWu5arkcWjgFNGZ9hF4_m27JGriNKQJi8FHrggwUGMnNi6gMj_7KiS-sOLF2wm7fYpB3SIWpbwZMiZ6TRQb7iVOpOUK7pL_mBFbkKjCi8afxdpTQm8bTYu18mdhg9axOR9E5D_BbYu9Z4ghLxHiFo0cejN_NwYOCyeJXFonnl23DucTkgCwTcKQH10p5NkE5LuYUUDMeTys_muLi21lQXZML9utk0rShunerH4GGQ_9iHwd9MFgnJ1xUi28cf25-62GmlLEAwqEb1qGhaHQMEeI_KBUe2OcnzVf3a56iLhDCMtJx3VeWBF5pKlRUf5k1mJ13YNcY5mdC27DxgWJbZMhT3zogclG83tzQGknRxc7yVsrSYVU73ASv6kClZYEhoo8iN1kp0y-ymMTujnLxtRlxdXYnOvEzLId6Wr7gBgZVtDIcr6m8qrGMvYfoZ2gNDWpZ9_ywR9J0vY-93XBWvUIAlDTbTTFUvAU4WxBjT-FBa1KdqdTsMYbVxq9tiSv5KlG817HvTPawBXh31FgtKKTIBpWJGV622HzxCgmc_tXIyoRH0hygZD9xok2FBWs3L7Oy2SOt18g4m7xUxXxAkkSfxBE4TdcE4ztHef5ngVrXUPJdsorHw7UGqsyvz3Bm75osH8G0V-smJJsz9TOVdNgr-tu3bIfjnuhpXUFbPqPXW-QTQzrz3ztEApu21MLQ0mF283R0uKpib6y2Xa-d5TX48VSwUILGokj40dwvXiFEonAnjz6g37uYdqfVBy4xXz1m3xnWNKAwjUQBT5o9Td8VeAj490syLwltbpbJCzIimwzaueZDvNCzuGRzape5_7nSaxX_XcrDfBGVv0sKYYS9EdUns_bw3H3nGf9vHZn2snTTbpS7CEfyIjofninXUtRoitMqZ0_yAPv_dbzo3eqL7yZPDGnkgDt80LtsyK_Ybgw-pr6DdyIVKJvhYmNj7lzzh5KS59RD2M65SadvkntaA_UwXl8Y-WYMBPBbky2qjqaGwhirVd1I4w0jNWBl50gJjoPlTTWsSthgW1dZHdddGIpVKZmoA1AYgs4FCHzNw-PcalpvNX37Uqp2Ej3fdC_ZmZ1FymzoXdhDLGrfI5TVqhxpWRR1HWiE-0oQIxKCb04PJWFDgJiZNjAePNj_WmTwHbS7V77aHOLhY-b1tkzxgpHZNipoRBAnxLHr8EMo-9fhRH-1QnoyGaN_szrUbTm2f6tbc07Aznl_tuA5i1Zpw1NRNuBguF0JU-LIbXgChnO68haNPdRWgnx3s1MwT0S821KNUTiopnTPhcqug0YQaXBb7NIrrVfUzPa4igul6pXdHRe_-kDRToAnc_dHh0Xki5f-ijDz38VZAefPOFIufcCjvPS-7WBK6UxyOG-PolG2O8EqdlRuekjYEAiF-yUsvKl_s31CeCSNcD_gQp62iAXcwG1NO3wcSsKFPebplxFRici4oC9xkLQlG1Zs9_5TpUhjYqsxYXGx15DCS59Jc4woIHQmBuudIQadb-zzvT7Gon0agSNPbhVAsVkJYF97hxWfKVWahtAeTh299JqQ2Ryp7W7X9OwQsJh0wOWQKIERwfCsB1i0j-fKTwpg-Hy1UGCJrOoZpJOVNTn0Q2JJn60mZe4a-342c2sPGGaVjxSIdb_Cvk0Q54AYP9S3iuqIvOqELGKwuQnSM8awbE6zrY2iY-TRgNMnlsgMxxeFSaldzCJyEoqd8PpSw7z_EaQ92umwK1-QRFMIeMisd6Z0tZ2s1EMnYgK7sdpVwgx4OpxpnA65dmRS78MQ3zjM4e1Mybi7of95ewzOZQm0sYRRCiT7fqPELTEFKzCTcE57cw7DxKJF91rOr7-L6elO87r4LHup09zzjgIY48Ybwu2VtGcoafZr4fEEEAn46BAk2BWHixT9WIdpHFF0o7yx5ga3GykNfTq783Ys76z1gF67TjnaiOip55FO7IsznG2gVJ6xt5XrJMt9DYwldpGnS5Dlu3OXF3wV2Vuw2Ci6yR8SstZuN0kLLLVgpdF9HxGg7YM7ynr2QbQgPHX3bfzOQpSC1fMutQD4AC4HJL0K_Wu7bhmm2uPAnl5EHCW4w8XyXg23fPZ2BQnrytd-LvsyJ7EAjAnMMHVmZNPmKA_o4Y4K2d-OF67GxeC33owuDh8yItuX3pjOGI0xTluFwFNBHMyzKP0ZNz5XHRWmItj83cIGxtkrfy7H9flWmKCHcSh88-a-qiHB_K0ey4VIJlXA9l3HxT0eKvTq9jqpRC9vcBwlIVi8h7f9mykLcokO6dra7O-d_NfUd38V-1pcIfcsIWW_PHGIy0eGbhFUp2rNaLt7yw4uPyADT7vMxM-7fXafCTXts6W1DB7ev61YLR4_dhLhZk4qNPQ2cd0BhwnWNiymOoivrO4wF3rYBwohRwVg3b5OVxHOsPR0dxUhGfnMgkx3XmwAQm7JIj7HyLWAVU7zKT1h_VD1076M0u6xFWQm0xrPhzz-t4ow9v-B84Ty7Rd7WdgzrZAIVoBe0kMdct2GntmGz2eRm_nPvOFtAV5-wn1yyYwLpsYmDTwSJyL7GR6vXEQPGe2PrjfooVNO_QK-1g8JdrZjsHiaHJ1n4AG5X8l_Ux8_3PmJ104rWUXgXMd752AMb81I1-ho-rkT66MBYqGGXq1Tomket9BOB_s9234nIQGUSDrCRB_BJE0WQ9hq95mKYT9E83ObLZDD7c80aC9MJBQ4mUgmb5A_aKotYfzbuY4KSpXym_5393VabFoenPPsbdGqAe4c8tALbwPQpu39tPAYDs8O7O5j-6yjVPxPyUkA2NUlkyIHTdY_ByCmVKYSFCaDxs3jNTJbpTN7mPC_QhSiTTMM-yUiwA8Y0MAKWV2lZkO3Yz83ohS8Zu5iuGqJiAfEo2uSEVdPhz5iXaNddpoCTbUHKjo3KuVZOt8TKhT05XCn972w432gg1LVTB8JNk3KUP8NTrX3XPAFlVW1LmIQsFJzba7chW5V2iVL0AYuFkxB16XNkhgEe2LzX95ukBKM9ucnKglDdcOUK6GrWGOencT1jDE9O1-84LWSstVInFx1QnDp6mhdSl4IS98-ChCJBkcqxKdeR5JQZ1vdiMt2RqQYaCcdrRLFIRvm99LWg3w6pg36UfaDNwSTh-_IZP8qWOtgG35Esw068c43WRulSlDMYjSdinQw0aYGQitnWKxzIum85up8cL3G-IuFd60GySxlMybsl7-rn5oKXqB8tVjvW_dgwnlw1yyNPGhOFfpRuxCbc7VFk-HL2Yg3MbwgPeKU2htWFEjG0W0dobCNn5w1ZSLZKLAGGsAjw&cid=CAASEuRopA5rDjHBkcTzvxbzbkv4dA&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
21010503bd5a4dc8a583e1cad55900988baf2078eac48f47f2fc2bd309a8369d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12114
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DEB2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DiUprJ0n6s2rYmMuoX3-lSPPDyFRnt4QKQyE5HAfZB72Twvxvr8fEbz1DqRo4RVZgfp7OreFlSVhTfOZz_Sg7BprJCOMrJCvSX1yH5aprcs4-neKs
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
live-tag.bannersnack.com/iframe/ Frame DEB2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/iframe/embed.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b83531b52ab388ca2e41c92b3e5916127ed04b6286cbe1192c802640beeb078a

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 07:24:07 GMT
content-encoding
gzip
last-modified
Fri, 10 Jul 2020 07:39:56 GMT
server
AmazonS3
age
54471
etag
"30f5e3d9a15d04b0cd044a5a807687d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
960
x-amz-cf-id
sAaCLt9YXAYWyEjEufje5_uZ6wpi-fuhgzzV7bc3SlMLNuxlCVaqJw==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/ Frame DEB2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/window_focus_fy2019.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:20:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DEB2 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214045155586"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36073
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/ Frame DEB2 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:30:29 GMT
l
www.google.com/ads/measurement/ Frame DEB2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdT0suOfwzvTJ-Ql11RNiFpJrYPYJr722uTmTqlyhfCeFewcZj1kBbVJ5K5osuJ2zZSR4TQZEdb6cLu4tC-xYawbnR1g
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5350 		611 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNVZrugIIKpjez1AJ0KAERRQIwBTERFfoXmTumaLeP7QFXk4FXQE3x3uwsakDLBdrOm_dd-jq5kvoCrr0VWmlzIlTeph_w
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNVZrugIIKpjez1AJ0KAERRQIwBTERFfoXmTumaLeP7QFXk4FXQE3x3uwsakDLBdrOm_dd-jq5kvoCrr0VWmlzIlTeph_w
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm35hAwjlHEOHPM3k_MWXtuOqt8F5LQPehJPyqko9k1TPHXmhZs0GVYbZ6G53I
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 06 May 2021 22:31:55 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame FEE4 		23 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9XuN2GFxkXoBDdTvTF-Ig_OvGZtAKuWifgahbueEuzPbs2xzjXOn_iwj2AO64-b7zZ2b8GBtmJEuplZ81q-DWblwCZ1GLXGDKIIoHRFzQDzbkj2IoUQq6yvJkqjGIcra2G6viPAlVLfZyu1KqXx5ZnUs73Q&cry=1&dbm_d=AKAmf-AseQZJ-9QGjknLZ14WyLyYbq40TghuzyUonSp06CdY__TiPsBDWAxZkxDFw5abyGoUnxCQMnQIVJ4yV_dfxGahBljqKmQYRZukYPgdsMOIccLOs5MbfKASovn-vfdtoXDZGxhQJ-f6gwOI79K_asV8KTs-ymlEqRKh0pRndyk6IykrWFy7EpYnskTPFwzTM9j_nWtI70s7Z6bKWBG7fJyoR8g1xZ_BZpleIiITRMP5iBXzp8_z4D9NR_-Km3PRibF9i-OL2uIbMIEDJr0sbrH-xw3YcImzZhy-in1XtMmUtF2Ny63R47BFXnzprdriCT0i1ynVuDEUGAIaZuHg4lxAiGshqTxW0NkDtiSuhteTthBKcFGRBirogxGXgApWufMmmYcWR33Onbt9dx-eLVXwu-XyiPTuIU-ms-X8PWPxmRJEgc0_OJ4jl3I7OuNnNQD5r3CHBWijr-yd2FQA_z_kJS9-lwjlrAZI5oKi0Kx4gxk6lc77kqYwz6djjSfs9KhTh4qyNsefegJxcf2Gt594IwGaqQ3ECD-t9RcmrK0z7kdNQTwF494JEHPF78gdmTzqTqpljIuFOiU83X1gjKnGiD_6U5fwilWLbKEtyP5pq_auMpcoqR_rDMhtPQQ4Q3X801rjhyxbXD_9JS2Jf5WfcHissFsRt11q_cpuqybE3qcYnRPF3RrXcA_xPBuMHbwUvIIg5FcVywiC-iC8WGe7etVt_HPYLAVqjVneL4OOXE3MlAg7P_DY9GdrRvjiXfX7Z60XaO2lZ6UHuOS0noLD59DZRT0ejzXVuaP3F5m32E8A_I72JRGwYZwYEyeXV2qwa369If7gZje0X4HxtqsMBhc76BUqUxSjoqzqxkyaDKwLxZHgU28wotsHLsXpuckX5EIs5TS5lg7Z9t2nFU0-Rw7Md7KntwYP29TYyssVbEjCl8OCLQHSIcNm9hrqOgx9zQRTmDk8DoibMVBne7daNKwh2PvYPV5zlhnlqQYYbPLPrj2m86GrFeT9leSxx3-NB64AfngOg9DcU2A8XQ6ViAs51Sa71fRxaxCgNs7I4e8LaCKgca_mhNYyYHu07TyN_Dmbh8gK54htoyNatO2Ln4xri64ZCNuB-24fXa-BH7tzzyHZ8_g2DOpLM-ldYXzIQ_LnIzFcna5TYGYKpbH7jSr_Ichd1_RNZtmQEMUwABOu6lnXIKZGw6g-sIXu2pNB5J9WtvkhLQIx6idcIUEZl8OOz7OLy2o_YnrIRt7fEd9BVB8IqotS0lVWDuZvPXSOoqO717x1ATm6ncOWwJvBHuGnugsb7b1PEl3jz_7p3yZZmxpWPSGfrG0Px1M1vSydRGNHWtshjg_gHjG3v_ntfVXX6Di45lPDdDqOGv0M1k_uMqAh_SsECdL6XXam2KwdWGmlQT0Hh8w4vrMNj1szR7rLie-br1RZOboa5GUfh7ZKHdgiSuGX5oeNUoxqeUokH_H9UgNEHYhGvNq_JqpspRBencPdhEDML4-ud9Ii3VT77K5keKEshypsK2kUEuSJo7GNlrBVHEsNnKdPgiJ45CMX80cJzdTEG-Ql8qFR9eyw--GLzakb6jDR0Bm_-qNKf6oYb8XwhgQ9gk_3O0B5GaL0sluwbi8-FhIYLw2YBuwr8O3WY29tz3WGQRgSJEs3EOtQmdhLig4zT68lvRMJby6QoFnwzODp0zA1CR-v9X9x7lqmHOsE6k7IULxXjIc_JOgGfIHZLH9eYnSKnkA8_GHyHU6j1q8MAPvRmpoJYj9NwuH9s04cAn7GQ8e_QOC4KF1o7yFSPmu-6reVGFyky3NUKMIWPcWqWvvHkvWSDu63qshlpOvvC8Bonf1650ctUA4S2wWe9grV5K2Y-CaG9AdvvtAbDRHmsGiBcvB3zrsOIicJ8Vz-Jd83jJPFWrdGRSHMi1S1jHqMnmnCqlFx1jWjEbb86kwnMDQo_0j2B5QneTb_-6zDomiBVVWuNShekfaSdN1ah9V7EVbyCwo7-YGlWllZntzXhIUHI8RN5h6LjozRix1LTPe9v6zPGdRe3wvSpQMSINUNQPEMkX_MXjSETDSVb7sZ0J28lpua7FcbaGmAQmrtALJJmqhPMFnb-DbOS-9Q14MLxXfoqgyRm8e6vtixsW6_qj2ApfSZj1QlJ7pM_kUZRobn_5KP_fywJXlY3jYdK6DEcyLCWuHOV4heWEX4oDUoM8ycT0rywCd7LDRBgoqnAkRhSRe3f4p2oTByylc0TmTWhRisxAxpFOrcfjfvPf8wofsxLMjIk1pHjM-de_bsLfQ6pg9EzETZXzEso3uTc61X2BdaC3AGnAHMNJJubuNEGvg2STEXwxHLgHFAJZZ9KGPbB0IfLU9UIGZjVbJCT_FhHKHpVqkniZ2yfLdVBJk3-wdP2P1flv0EnVPVPZFDl3JrplWK120v25s1vwVtG7E3ZkPCcdTx2jT4My9VrZsNAGv4la4k9sOAr3v1ntqRsRV025iqYojYj3q-gjgQAgXL3LEeUlGtSqqNGb-WOqlG4XYe1KMk1No4OLsRJVzxcBaK4-g-2orEV-K9_3gQpJb0Pw8qE2b20vcAJh195VRAk6GnSzn-nlAWXAJ-O08aakud768Lpqdpqthw0VlIBOCR7uog6FoIW9gOimnwR7LgekIhH9GT3P4Tsrt7qy0TAkhNjpcdsYX9GkUil7T_YZOVAMk6wiyuFUy44I95WouJ3pyk2IwSlp4hXutReuuNE4_VB85tDNaZmNPnP0AsKJVjdSMb88wcRsONAbdnAyxeskt0l0l7AZK7fFILRl4DfFkdIOZaXe-5MVoomkkGkIKM-V5sWD1_CtsIUozmtw-FC-5-B3eMxeAd0txWtCHPQLveKVn-tMZbsLbTR5tGCguYTejVJaMH1CoB3T4WOswC8wzOK3gqtQPhdo8XsPmTW8koKN8TOL4f5jVCEzNlt81v_nxrsUubtSDOGNkJSuPIWnBNL9X_I5n-IcLZ4rnVAvFPFQ8FUHj_PepOyMVbQnuJjKpIDSOljvC7N78GU-eTbwWePRWkxJugNmevvTCxXyyaWxGP1SzS1Zq8fdT6krNYFGLT2cMwgaIDvTpnEDXjJwk-IhKoHjZUeqHMySwek5Ck3iS_GO8L76iuQIDBw944ivPo2NMRNMDNLqEsUBKS8Yk7yPqO_VTjVlJTniH34bSmcyuGuODFauaSTV6JOf-A92D3puR2ogJXsXq2gD8kLxtM2aVQN5Leofn6f8bpzsT1jVPlPjc4oa2yD2aZ7pvHfOBPkqQV6dMP0wuJY-uAzjIAhhYANo4VYfzuG72Xnpa36z9AU5hu4gA7wqaQSoDrHd9hqJw5uxHVOc8SJxskrHyG1Bn3fuup5UAjMj2XIReIFjddj9Vywh3SQ4VnmHFnPryqCIodgl-6dkCQEkyU0Iqj9zjS_VOiLpznSznsQb9ByT3JtGNujn405sXyB0oJZ_rIlT58wD2nQrN1Fkb5Sw0YHnBeR7e2BZkgFuasN7gQq48gM5yX89Pe&cid=CAASEuRoyNDecGgnwBI669VZLQBo2Q&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
8ec2aa4cf59bc0c7f0e39c7b2ef1c982f040478c9d3c3cbb9f6bf3e510831c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12064
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FEE4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CRPSnNVqZ8pjRd9azKadi4Jf00K1YQzgg3TwAIP1Rh6nOfyWQUBpSRpjHVErYPPf9v9R7MRBk_5Q_xv2IVVM1D5DyXghikmtfJ0h3MYiTYQWpGFY8
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
live-tag.bannersnack.com/iframe/ Frame FEE4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/iframe/embed.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b83531b52ab388ca2e41c92b3e5916127ed04b6286cbe1192c802640beeb078a

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 07:24:07 GMT
content-encoding
gzip
last-modified
Fri, 10 Jul 2020 07:39:56 GMT
server
AmazonS3
age
54471
etag
"30f5e3d9a15d04b0cd044a5a807687d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
960
x-amz-cf-id
77LI-u3H2CzMoa90ua4D1TGYP8v0u-8LvRSOv9tppsbFwY8psctsMA==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/ Frame FEE4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/window_focus_fy2019.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:20:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FEE4 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214045155586"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36073
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/ Frame FEE4 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:30:29 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3F49 		441 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNWM525ftULsOt7yv_MAh1MMOUiB_9oLJ6pct_UnDAexNrQcUIgCat55LPusBif5oSfIGNB4yEb8wz2177wStC9T3gdw0g
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNWM525ftULsOt7yv_MAh1MMOUiB_9oLJ6pct_UnDAexNrQcUIgCat55LPusBif5oSfIGNB4yEb8wz2177wStC9T3gdw0g
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm35hAwjlHEOHPM3k_MWXtuOqt8F5LQPehJPyqko9k1TPHXmhZs0GVYbZ6G53I
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 06 May 2021 22:31:55 GMT
server
cafe
cache-control
private
content-length
227
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame E105 		23 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgSFWAk6x3TtlX2WnT9SP6UAjVK600qyUDkHhFAJTrv9ymLY_-GZXC614TZCSRB4whkNZYbwCrZQxFsRydUVLwfNM_sCJbb5F8JGmCezHOv2RMEGoebupCCNpdGOjhH0zlU7kJEb5O6mkB793S2u0YViH6gQ&cry=1&dbm_d=AKAmf-Avfp6TJMnPafg8c8bsjw05pyj7Z1bFjgctb5nYHuPuGnlK5loVFSag5VJYRlpMZPXGjtSVHZHoWY0pSHMiPFE3nPD42uZlHlztz-aMMhQTEvuv1Ij940hdyqLPhApxtZjajXC04DCdtxDY2zzOGHQcVNBtGogIVLGPPTiMONW8Zm86-D7WiuqGAGBx6O07CNaclK19Fx20EA-yphdkNXORw34kwPVU4ZyBeLGBeUpfvDy5kLwb0unJ0RV_xaOOLhyHek-4JcGz9GE2aouTCa922IRKh3bVw5ywaPczoxqxYCv24IcflZSaZDsyg1W_y5FE6O0Vq-dCKXSyjLTxlnXz6PUSHlhNfqDh2L8YdktNi5Qb1ZvR6TzMeEgghfkvqPtrS4lKhYkg15eHI4heHjBYHuXNkGfx7xz_GpPSsdfgw-ax6ZOeFJoEjgY2MCepVq4Fl1I3h9Di6GBdSR-okLlZv7JGx17P43BQDnKuxiafKNM1bAeJHoOD6jvTglQMqh1YNux5VahUtiRy7cuQ-7fzAArtBMuJXDiK415j-0aHI1Nw5kS0V6W785XfRdq35rWTskoVAYngzQXfRY0lWKUdcSkHNgRbdFn5_GrSUCcAMFcUMwJ2aYGem4ntkmEdx0P5g94_Nglp4Yc5WHUsRTgu3YHKZXOdFn38WZY1iTnepVgwfk-qV4dYYmbPvEweUf27EI-8XZffI0ZJJ1J7KpTmMs90iHp6ozT5q0gnlCGQr4m_RDnz8QNJGp0yyMOfAFamw9RmYPjQQPyizjZNiRBMY9Fm8ia0FNBsUYvd0cEIdX23gj1fPs41SIpmpSDpn0XPRlhxrDUr1nxo0uQXB22wKV5fflgawqy8kc-I3pcTW4frFgYXpW40o89Er_HUSLYthPNfEnBwrlDvCOsM37tZAo4NVmRPLIay5L_BZ8VzWSN5xBC3l3RbZ2peHt_ejWze7D5NjFrbQ1FVJ0ovwAv81tdubcwGT7IYEjXfDdTQT5ZIMwvmbkzC2xHGCOrOurRNO0oYtHGdp-QYVV1HVZFSfw2YoObRuV6ruB6oxYzSQGxlMgvehFG9SOXtN61e4C-pem-JiX4w314QZsklms7dyCYROI6X4FyjwMnvLCUuxGCKcDqdg-Fkm0UjaJauRYtF9KNGiNlcCxlpad__Qjc_7pMwVSituG34rTQAXeLqItnVWMWOMe_sALsHRRfZW15xZ-qnYqxGy8VsJCJOHizdOh8aJV1uWvFiD06OLkTIrqBFpJGYs5x9SRnmeef1c_6GrWkNgEDxjgMmjKDBy1uxK1ycG8uxLZa-lRwHOksO7xZLfCrQF-V2xY2P3Ux7zO0Yqo3CfeyKdV3U4iaSEibpcPibECqKQ9xocrQHjoXB6X7-vVF8dLuHL5W1h_Xtl9PDYUsoxvnwtG0GmqaTYoo6cTV7HD6jpHW9UT-ZpCeMlFEJXvZW6zq4_iF7jIn_HXOO8GuprCInQjNEKP3VcVHhoYW24y-mH2wWbn8tfDUnKcMPZc-j34E6_Yh9tNRaauK0IIbnOvPkFmCbBlNOvy6SqoCM3pvymh13D1WJujG0jvdqogTmw0xtW2O3FpBp9KJqP2QStsxuQNqWDsTYwN208Q8qfykm0Sgun8MXVvDkYu51PpmTKiVhQvrElgPFMqoIHtM9FbHas0DLlBrvRjZsJy10cMFmMPcv3LgG-YxZLwtOjFUc1xUvRk-rdaPOHXZCUPZ8cxcoa4JdYmsZHgYXcguVKiTAdP44Sv-BcHqHeoQ9tqKwyGdJmEpUL3NG_ynTzb6WY03coi6P-gfJdkGsocPonlLXb6xNG_wBn5D3Jq95F2KKZB4pCsrtheGyVkUFXUYJN900lZfaNEsbTfgWw592CiZrn2WSqw1uPogNCYjmIKRrukpGrVNoHZQM5tqo8pir6LjjRhlTJdEWEvDkyo8ZjrVt2Jl88i6fJDqyTpZUvjQpU31ZuKRUgKuMl_OWjS_JIRCzhrOAObfgtV-3uA8Dl7xyBEXHs0NGj_0Bn6jh0UKbmfXuwaE3FDGRJODPV3ldWKamEZRLxmvd1hJVNz0XjYQ-Z8SXdzL_cQlEbJarbFOmJKGd3XiT0W_a3IGZuaHHajMMI2-HREL5383adG408t-IDuuEP6-MktrHh-xI96Hk4OLoVeTtvVHb8m4AJdMrL6taMDHdiXjKQ3-j2a1qiixq86xyS4M7VRv4QEVOJ5ZO8xZd3LBq7Ao9osxDgvM8__xeV99JzXT-z4OKIvB18sAOK6GCMAk5e3Ue7VbcbFMO_mLT1oW_aEpCAApFIPogjSCJ8fATkJcUGo7Ej6HLQTBElVrC-OuwlAUmn3OE0YyBOMP3Bi9DwmAuxlHEDzefzOrwhepBDBU6Ml8HDtg7mlTG06NNg29IIB7OiI34JJG7kDhxiRhU-ycCTu0yA3P9BWKUgqCmV-dbwI02zBH0T-VXQTDWfYur-r-Lfn5vmiD_VgMlCzHvLt1Y3DOCwyTbodRefn1noWa6TNU9nshtv2sMLSfzrUfLCvkrqMuD_87NE3qidyqPqMTre-i9H0nqAL6yTtpMMRA8PuyPWVyipMd8hYShd_MgWru_qFSXfqpccYuSC8rHI67aI3VdUK27H9aQ6gF0raifjPx-3tszlQPkTWSRS3sKDTJYr_ljCaBJ__aHk52u1ZmVOXr_BTcueUjCvywUrR5yy6pChE0MAiYHXKSGJnZYSeT5pKmbJf-6J4797qmOM97onvnvYJeANiISrmyDStqlyBTMTWMYdpXXZeN7labOTz-_w85NX8iBRgUPda2rUOfgf9B2v3wxyFDj01uWmV8vevVuK1lYNoE9ZIhCqoo30Vy12bDsjtKDq-DDe-Ynna24QrLyUCRdUKghHE24VVWx07VxL9Ol94upOVjKP52tq-s7pjbDTX7DrDwU_vIn1iAhdJYSTE2yasJkZnzLXyjnGm9Qfqot_FYlBZzl0dvV4QC9tIXy1rt1-UZRzNYAUfSuz7At44NQ-NpHCEuhDWwyZEo4h7ZFk2Vk2tL0HITPzBVxXYcAVNz3UbnM5Yrm-csDcHvuAES6CGsLUgGw7RjuFIxDsvUyJLiT9iJBT1YZvQKP_lEW6rB7U3nNn_iJx9HmZOoekNNkBCwyhZEGpN0pciJr1UFfOYQFYeEJBSwI0dJ2m31luCvgDycElD8As75riuDYe28ptGna9FrtjFf7-UsYZHjouG2xw4HbwzOI_Agm8uL60WUwP0qr9TvneLLmOP4Uw2q1zdGRzZ8t4rV1eDpHsPT_27b5F9U0RNmlqF9hmabEHiEYaAt_Ul673b4NJ6iVgXwgnC2DG-8100fgmy3h3cCQucCJpE1nsJmBKdGhiZEAHPTM0vtycwjJppVTFoFP437UhMEWG8zh5mz1kN9gDbqGttj0fLzFz_W2DBQ5gSMiTtX0iOXekoPtsWI3UBHM7dIdAsYyT059HRYsp2n96A9HYTI_w4lxTKdM8Jt9sq8Umbw&cid=CAASEuRo2B42yRIHYTnql7LZDFeweA&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Requested by
Host: webmaila.mybluelight.com
URL: http://webmaila.mybluelight.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
b0ac6a3c5c74f465fc9821d312afa62b12e87983e4264db699d35311ccbcd601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12091
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E105 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrktyQOAfJZJfsFCEW0K7BlZKJDvd8ZIsVX9aOyXzanEgBSftotVdEpaNoMWONd4YsaHociER095NjhjcXOUdM_p4xdmPkDm45LoE2hsWNs1OC_q4
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
live-tag.bannersnack.com/iframe/ Frame E105 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/iframe/embed.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b83531b52ab388ca2e41c92b3e5916127ed04b6286cbe1192c802640beeb078a

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 07:24:07 GMT
content-encoding
gzip
last-modified
Fri, 10 Jul 2020 07:39:56 GMT
server
AmazonS3
age
54471
etag
"30f5e3d9a15d04b0cd044a5a807687d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
960
x-amz-cf-id
vabwzfD_vC50LK_6tqhCPf4Pt8sxDhDArrR4UQSL9Z0deRXh0qpRPw==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/ Frame E105 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/window_focus_fy2019.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:20:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E105 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620214045155586"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36073
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/ Frame E105 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:30:29 GMT
l
www.google.com/ads/measurement/ Frame E105 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKJih9WblY_7syjYesbNsfPKut87DUvhxWXFH52pOPRODOG4DjePCyblr8MdHe19f_cu2xz5CWImQXXkiFAheQyOXP8Q
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
pubads.g.doubleclick.net/gampad/ Frame 8CE8 		80 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2076745160153405&cust_params=domains%3Dstart.mybluelight.com&sdkv=h.3.454.1&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=1611585701&sdk_apis=2%2C8&sid=3963FDBE-492A-4792-A3A5-A3DACA1C5559&eid=21064201&url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&ref=https%3A%2F%2Fstart.mybluelight.com%2F&dlt=1620340312691&idt=1700&dt=1620340315128&cookie=ID%3Ddcacad81cb47a00e%3AT%3D1620340312%3AS%3DALNI_MafD0o_eaRvaw5Jh-gislxuYWSoVg&scor=2723307807704514&ged=ve4_td2_tt1_pd2_la2000_er585.506.737.806_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.454.1_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
724430b3648c7ae68f5208e22c67a56b632f6299c4c25ad457f8424fb4e911ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14697
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ch/adsid/ Frame AB53 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=start.mybluelight.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AB53 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=start.mybluelight.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame AB53 		49 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3196673785160430&correlator=2706642310027773&output=ldjh&impl=fif&eid=31060897%2C31060462&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210506&iu_parts=32867010%2CA_300x600_300x250_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C160x600&prev_scp=c%3D10%26r%3D100%26d%3Dstart.netzero.net%26g%3DaHvVWMte4r54oMaKlgYj8u%26gd%3DaHvVWMte4r54oMaKlgYj8u%253Adesktop%26cc%3D0%26pf%3D45%26gm%3D59%26gf%3D33%26ag1%3D10%26ag2%3D9%26ag3%3D71%26ivt%3D11%26iva%3D48%26ivb%3D28%26ivc%3D19%26ivd%3D5%26ive%3D1%26ivp%3D79%26osr%3D81%26pre%3Dapnx%253A45%2Cttx%253A0%26pre_sz%3Dapnx%253A300x600%2Cttx%253A0x0%26tier%3Dapnx%253A2%2Cttx%253A0%26hb%3D1&cookie=ID%3Ddcacad81cb47a00e%3AT%3D1620340312%3AS%3DALNI_MafD0o_eaRvaw5Jh-gislxuYWSoVg&cdm=start.mybluelight.com&bc=31&abxe=1&lmt=1620340315&dt=1620340315145&dlt=1620340313668&idt=446&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=8&adys=59&adks=2346308092&ucis=yeuygkpkfazp&ifi=1&ifk=1335519926&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&ref=https%3A%2F%2Fstart.mybluelight.com%2F&top=https%3A%2F%2Fstart.mybluelight.com%2Fstart%2Fsp.do%3Fcf%3DEOW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=284x600&msz=284x600&ga_vid=1366745438.1620340310&ga_sid=1620340315&ga_hid=791978800&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
cf9e1feca5d1df9a85b3647d8f55978c11cf9461cc74a1e505b87bead2645bd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11161
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://start.mybluelight.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a9da6642da90908de4f1cdce1b3b3aae.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AB53 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a9da6642da90908de4f1cdce1b3b3aae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame AB53 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210504/r20110914/ Frame 2674 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210504/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DN_jdG3BA-2dybQpcrEAw78PhFUhcU21NlrWyAyGcp-NPGqxDC60olAhacGDchp-slbB7wxakqQ4vYNpcjz7IeSssYhoDH_0u8FA50xXNdfuFKajCj0fCjEHLJniQ7or4nCx7XcbpSGcRGBEeQSrH-Sk5uAw&cry=1&dbm_d=AKAmf-BUOZVnj_5i28OlMMua4VrS3q3WDHkYh-DbS7fd-rwZbnBIV7AqEp4ZXyEbquHlJJemHkFpvP-clydFGytwczd9dTsq07CZpOJWWst30gLpoiMVV8K-RXLFL52pSOdSMOqeqK-AMcsY2im_fRDhs63JcftoeHWXmneJiRmjYxHWfrKV1NZWZOhWMcjxAgF1feEkjcxJk1G3nI0Na32ivmI2lZBAAFGbkwbK30a_Yp00nmVSTKnUOupFJdOBgsvzd_AGp8L7x0esQIcxf-cv3No9J1AzEDpWMCNDu75nkoUszB8ilJFzVxxgYA6MXRIplWHF0VcLgDM--7tWUCy22dsDH04IHA4ikGC1fF6ZgPbZI-AKqYa2GP1DeQDCT3Eq5EROO3g3C7sTdNphBHavswOo7H2-SMDiOkEHcj_Atfb-VYq4VJXoZPYjgE-uuMq0bMj0fzr5TtdaAUShAzv5xcpeqmDDL9w613ywa2ZqIQVeNaLWXZFbZZrX7KOhTEPiL3iVPf-fsdSQwg9ehRb0iI_Waau_iQtpo_Yidt_XBzEdKQzLWI4Q22L_meUrEXEKpP671HaRwkCIAD-6HWrKN9pQulAfY0XtKmWMs9elaStyQ8Ubus5u_UvB6vIsBQfvbGECLhKagT_GRKK1BPtskWTSDq4k5GlwSOEpb9P3QtCU8HOSHTR8NibGH7Yv_IEIgJMpAdo1A_kfMoR0AuUcIsgG195HBE-F1wf5HgIE_8j36FauhE8pa9K91moHrsjoyp6vjkaOt0kMh5MeHD4kC8q4MmEaEj4-J4jRXxhHuvG5wxMrbwq_8Vj-0fFvpXMmQX0uY209o6jk2JvoJOMvAA0rqqCt0l6FMcXZFmYmnt1dpkZoXuxEjEXYpsmTlImbQBMiGyvgHXRsyqq-0mSHOj53rfIzkGXI_myGZKGMJWJD8_hiBfwnZi2ELVfW2c4qxsfIbgb61yh70G4uiDp2-tm-qb6O3FRoRMmrc8Qk8L0_U1fydYMwSy_xTM4bxpYMh9g9vU5uhBnafAraQICpp6YOzihmxabfNBGmfW_PV1aTFaf9G0DEwzCtQaMx6TofphA-2_wT9WUi4FCC8NJcjdCPGKJYJZ29qFZjgDqI1UQdYU7jkNs1lGNzC6bZmBMWsx322IXKZvCIDRyKJC5Ztr6kysBnkRMRaXPnBIfzHcPzZBgZ4QBtQ9Y_nt3lNVxf34VU_qoUvzYeoTB9zdv3zFDhJCSjtF4wqEWYGCq3sMyOU4sEHM0rG3dWx-dLQCL6Fluok2vgXoUSd0uplJpPeGsPyUXoujLb74ZprAZfqNwfQYeqRokbfSOoxQzVqe-aEWgso2iFKDe352oRDOCsQ4bBCBqXGuAIMfzq0tF9_rqOjLVKi-_PTWNRR3ctP-gISb4lmsc9uBgvRolDaYJm4vRn3mmN_cBmPOglNBdvJw_cWQsQjWUiRhK8SH_2ANJT3d-xKoORkvq9sTELt_uoM1CJNXQgv9FZfWlT5FzZzvHH8rPtEEVG0Bi7kAzivkxmFlXPX9y0Ap4YNdppCVS0NxTsyKFhAzKNt5Ni23i8s4yCMUkWQ_7g5h4aCMRn-88Dq4YCmmIQy7lHnlTBTxO7vWSEq6w_8cJ8cPmfTv-EXC6gH2VkZu3ruuG3fp1sdczdMp8nYbLoLeJ2XBw9ruS_pu9dVqY-uQ9S0-V5_YOGugoOCplpC0iD3tnNFAqxSUQk_LOM6e8U4amdXn5YY7NRW1NHXkQQYuczocV2zqBcGRLbmZzBEIqaBAB1IZBHQBQO5czxVHeiHEaTGWs2hH4MK9crKzSFTlsfrJeCjdMpk5JJ6CXoGfD3TzJT091T7nySeXTU4Whhf7K850W_YSQqeddi6srQwI5kWlL1J6trKvSfAFV3wYw0Fi-miROZAElE-DTgoZIHZ6iiOoo08XzrC7Nj_s_USPX-ZJlhoPeGcCOIy_9U2xJ2VkshYoEGCljDSc_aby15OM3tvOV-94U6q-_yKsLMiOFUPx2WEaL5lM_ZVZdKVPzKBwSR66OpSrvZhAUJ8swaoOYcb76KXeQo8r8ZiAoYr_D6CY2seIozJ9a-EEP41-7uGUPrSVokMYwdcn5UH5lSmdtbJAB6259-R_nUVzUeyMykSrfjnkEQAfw3-Tr8KvQ18UpZzR8Zd6sL3uumsjCv5Gor7eE6rkhZuXGzUi9xtBu2xtunTQlxII9kUIFI2jWbU6mXCQkJVvvFmlP7D1OGTi4W1v1VqX8-_gPDvMGZGlkiGlv2FJlhiMM4yYDxiimooe2ktHoF6W-oJK3jRZelSV4nRpkRWDyknY0bVIiT0MsZwxz_9XHZNj7Khk9RJ5dZHMu6I3kb68UvkIwf9nuRRBJ8USZ830MmIkibWpyeFjAfyk7jJgZCgRNHepRkLBc6PqI5iuYiKC4tdVrwT40RXLI72D6nCrHfjxGaKNBu5DOQHhNSY7dvj80VgbG5SFNWWNTNgYtXZaMtH80xthfklhGbBohirUf95wc6RbQk9GsrmgZwI23UuIOlQM_xDx5z51TJ_plEgKDQFxK8T6EL_zBl7pa98gTI3t_W0-Ir1tbi4O0fueY6xo-jf0CF-4DiIe4HJKNdeMO4EfhUpeAqkMVeGib3PbgK_QOb2_4dXixM_l0Ve32PVutktiYeN7z6FNQ0V_hKZacxxFV5NRSAJbbA1wtHoBB1Goka_pjWkBWtYRKKRTvuVuUgNBflgdj0gWLDATN-46QYp1UyEAuSdksmQZN1_d4zhTNOlg-RcLIYVkvFOSiMfbm-7zSYBxYmsRAXnYRpFDqOA8VjzTn8APqnM_VX4VoCKXVvcJFFV3HmViDbxmJLoz3VxRwhqW-_-A38joZttUunvWVtUUtpMDWSgu5DOaSFtBa-pMGzKzgXCuRQQC7NoIsJ7X6BHMJ_sngLvYTLxfWHWQunujxKAx5NyuQZ8lAZNTqM8KugEPmGxlWeLCvWvcHFIOLkqir30GmOeo9AcLr8N5jiT2z4taMkGGtJqF8oYlwCKp4tM6n8afEKM2njmjPaFzwL0NQDfhtV8to3mGFY6MbFx8s1qxgQRvLeZJAZQl2CiJ-cGqK0_ce1oIZBiilK_jDR11hq3BmIoGD5ZkPurwXGEt3k05iPmjnl3EirEKhufuzzFdQ-HyTIR-rqPXvRmyTxgnq4frAJi6bFvA2HvlcIfkvk6biCT0SuY7B6DU-bI_dtpARlJiBIGonmZRj4j-qEXLhATb4iKU8nTI6-hliFWTj2MvshoyfelvABkpsOZ0jGeYt8l2FSk7JfCmqSxHtYJ34koo0uM1DdUX24omVWdma1bQi9waGzhh5FBXJrpD4fna_YUV9o94VtCbob3Orz7W9Rq6aZrxnJvm2qXR7jaXQ-8kWVvOpZfEMgtUnAji-7fKk3emTQGUT_KHto9OLzrsg-1GTYoVWkFuKC9Hn9zxnDqoM_f7s3Cqw8SbSlxdPBzlduWrQsho2aTQO2IompJaqMTALgTBQ7iNrndosyvlimD91NgqvNvnEWYs5aEqDrRQ&cid=CAASEuRoN3BBSeC1Z9KHhfFStb6WYg&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea4adc7bca7ea4343c5a9c3d146970155a149f41fc70f47cf0977860d76e9d85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8627
x-xss-protection
0
server
cafe
etag
16525714399072181746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:13:06 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2674 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DN_jdG3BA-2dybQpcrEAw78PhFUhcU21NlrWyAyGcp-NPGqxDC60olAhacGDchp-slbB7wxakqQ4vYNpcjz7IeSssYhoDH_0u8FA50xXNdfuFKajCj0fCjEHLJniQ7or4nCx7XcbpSGcRGBEeQSrH-Sk5uAw&cry=1&dbm_d=AKAmf-BUOZVnj_5i28OlMMua4VrS3q3WDHkYh-DbS7fd-rwZbnBIV7AqEp4ZXyEbquHlJJemHkFpvP-clydFGytwczd9dTsq07CZpOJWWst30gLpoiMVV8K-RXLFL52pSOdSMOqeqK-AMcsY2im_fRDhs63JcftoeHWXmneJiRmjYxHWfrKV1NZWZOhWMcjxAgF1feEkjcxJk1G3nI0Na32ivmI2lZBAAFGbkwbK30a_Yp00nmVSTKnUOupFJdOBgsvzd_AGp8L7x0esQIcxf-cv3No9J1AzEDpWMCNDu75nkoUszB8ilJFzVxxgYA6MXRIplWHF0VcLgDM--7tWUCy22dsDH04IHA4ikGC1fF6ZgPbZI-AKqYa2GP1DeQDCT3Eq5EROO3g3C7sTdNphBHavswOo7H2-SMDiOkEHcj_Atfb-VYq4VJXoZPYjgE-uuMq0bMj0fzr5TtdaAUShAzv5xcpeqmDDL9w613ywa2ZqIQVeNaLWXZFbZZrX7KOhTEPiL3iVPf-fsdSQwg9ehRb0iI_Waau_iQtpo_Yidt_XBzEdKQzLWI4Q22L_meUrEXEKpP671HaRwkCIAD-6HWrKN9pQulAfY0XtKmWMs9elaStyQ8Ubus5u_UvB6vIsBQfvbGECLhKagT_GRKK1BPtskWTSDq4k5GlwSOEpb9P3QtCU8HOSHTR8NibGH7Yv_IEIgJMpAdo1A_kfMoR0AuUcIsgG195HBE-F1wf5HgIE_8j36FauhE8pa9K91moHrsjoyp6vjkaOt0kMh5MeHD4kC8q4MmEaEj4-J4jRXxhHuvG5wxMrbwq_8Vj-0fFvpXMmQX0uY209o6jk2JvoJOMvAA0rqqCt0l6FMcXZFmYmnt1dpkZoXuxEjEXYpsmTlImbQBMiGyvgHXRsyqq-0mSHOj53rfIzkGXI_myGZKGMJWJD8_hiBfwnZi2ELVfW2c4qxsfIbgb61yh70G4uiDp2-tm-qb6O3FRoRMmrc8Qk8L0_U1fydYMwSy_xTM4bxpYMh9g9vU5uhBnafAraQICpp6YOzihmxabfNBGmfW_PV1aTFaf9G0DEwzCtQaMx6TofphA-2_wT9WUi4FCC8NJcjdCPGKJYJZ29qFZjgDqI1UQdYU7jkNs1lGNzC6bZmBMWsx322IXKZvCIDRyKJC5Ztr6kysBnkRMRaXPnBIfzHcPzZBgZ4QBtQ9Y_nt3lNVxf34VU_qoUvzYeoTB9zdv3zFDhJCSjtF4wqEWYGCq3sMyOU4sEHM0rG3dWx-dLQCL6Fluok2vgXoUSd0uplJpPeGsPyUXoujLb74ZprAZfqNwfQYeqRokbfSOoxQzVqe-aEWgso2iFKDe352oRDOCsQ4bBCBqXGuAIMfzq0tF9_rqOjLVKi-_PTWNRR3ctP-gISb4lmsc9uBgvRolDaYJm4vRn3mmN_cBmPOglNBdvJw_cWQsQjWUiRhK8SH_2ANJT3d-xKoORkvq9sTELt_uoM1CJNXQgv9FZfWlT5FzZzvHH8rPtEEVG0Bi7kAzivkxmFlXPX9y0Ap4YNdppCVS0NxTsyKFhAzKNt5Ni23i8s4yCMUkWQ_7g5h4aCMRn-88Dq4YCmmIQy7lHnlTBTxO7vWSEq6w_8cJ8cPmfTv-EXC6gH2VkZu3ruuG3fp1sdczdMp8nYbLoLeJ2XBw9ruS_pu9dVqY-uQ9S0-V5_YOGugoOCplpC0iD3tnNFAqxSUQk_LOM6e8U4amdXn5YY7NRW1NHXkQQYuczocV2zqBcGRLbmZzBEIqaBAB1IZBHQBQO5czxVHeiHEaTGWs2hH4MK9crKzSFTlsfrJeCjdMpk5JJ6CXoGfD3TzJT091T7nySeXTU4Whhf7K850W_YSQqeddi6srQwI5kWlL1J6trKvSfAFV3wYw0Fi-miROZAElE-DTgoZIHZ6iiOoo08XzrC7Nj_s_USPX-ZJlhoPeGcCOIy_9U2xJ2VkshYoEGCljDSc_aby15OM3tvOV-94U6q-_yKsLMiOFUPx2WEaL5lM_ZVZdKVPzKBwSR66OpSrvZhAUJ8swaoOYcb76KXeQo8r8ZiAoYr_D6CY2seIozJ9a-EEP41-7uGUPrSVokMYwdcn5UH5lSmdtbJAB6259-R_nUVzUeyMykSrfjnkEQAfw3-Tr8KvQ18UpZzR8Zd6sL3uumsjCv5Gor7eE6rkhZuXGzUi9xtBu2xtunTQlxII9kUIFI2jWbU6mXCQkJVvvFmlP7D1OGTi4W1v1VqX8-_gPDvMGZGlkiGlv2FJlhiMM4yYDxiimooe2ktHoF6W-oJK3jRZelSV4nRpkRWDyknY0bVIiT0MsZwxz_9XHZNj7Khk9RJ5dZHMu6I3kb68UvkIwf9nuRRBJ8USZ830MmIkibWpyeFjAfyk7jJgZCgRNHepRkLBc6PqI5iuYiKC4tdVrwT40RXLI72D6nCrHfjxGaKNBu5DOQHhNSY7dvj80VgbG5SFNWWNTNgYtXZaMtH80xthfklhGbBohirUf95wc6RbQk9GsrmgZwI23UuIOlQM_xDx5z51TJ_plEgKDQFxK8T6EL_zBl7pa98gTI3t_W0-Ir1tbi4O0fueY6xo-jf0CF-4DiIe4HJKNdeMO4EfhUpeAqkMVeGib3PbgK_QOb2_4dXixM_l0Ve32PVutktiYeN7z6FNQ0V_hKZacxxFV5NRSAJbbA1wtHoBB1Goka_pjWkBWtYRKKRTvuVuUgNBflgdj0gWLDATN-46QYp1UyEAuSdksmQZN1_d4zhTNOlg-RcLIYVkvFOSiMfbm-7zSYBxYmsRAXnYRpFDqOA8VjzTn8APqnM_VX4VoCKXVvcJFFV3HmViDbxmJLoz3VxRwhqW-_-A38joZttUunvWVtUUtpMDWSgu5DOaSFtBa-pMGzKzgXCuRQQC7NoIsJ7X6BHMJ_sngLvYTLxfWHWQunujxKAx5NyuQZ8lAZNTqM8KugEPmGxlWeLCvWvcHFIOLkqir30GmOeo9AcLr8N5jiT2z4taMkGGtJqF8oYlwCKp4tM6n8afEKM2njmjPaFzwL0NQDfhtV8to3mGFY6MbFx8s1qxgQRvLeZJAZQl2CiJ-cGqK0_ce1oIZBiilK_jDR11hq3BmIoGD5ZkPurwXGEt3k05iPmjnl3EirEKhufuzzFdQ-HyTIR-rqPXvRmyTxgnq4frAJi6bFvA2HvlcIfkvk6biCT0SuY7B6DU-bI_dtpARlJiBIGonmZRj4j-qEXLhATb4iKU8nTI6-hliFWTj2MvshoyfelvABkpsOZ0jGeYt8l2FSk7JfCmqSxHtYJ34koo0uM1DdUX24omVWdma1bQi9waGzhh5FBXJrpD4fna_YUV9o94VtCbob3Orz7W9Rq6aZrxnJvm2qXR7jaXQ-8kWVvOpZfEMgtUnAji-7fKk3emTQGUT_KHto9OLzrsg-1GTYoVWkFuKC9Hn9zxnDqoM_f7s3Cqw8SbSlxdPBzlduWrQsho2aTQO2IompJaqMTALgTBQ7iNrndosyvlimD91NgqvNvnEWYs5aEqDrRQ&cid=CAASEuRoN3BBSeC1Z9KHhfFStb6WYg&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 08:54:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135472
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 May 2022 08:54:03 GMT
pixel
cm.g.doubleclick.net/ Frame 0418 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNUNEm7XAhxVFR8avuGdIZsEI5jkI4eoGfDAcfhlGDE0qYVv0CNu7Clm33umCVuFgpl72qgqtt735Vm-cc3J0H9RUkNB6A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0418
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNUNEm7XAhxVFR8avuGdIZsEI5jkI4eoGfDAcfhlGDE0qYVv0CNu7Clm33umCVuFgpl72qgqtt735Vm-cc3J0H9RUkNB6A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 06 May 2021 22:31:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0418
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJRuWPBednFrO4SxEmtV.QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNUNEm7XAhxVFR8avuGdIZsEI5jkI4eoGfDAcfhlGDE0qYVv0CNu7Clm33umCVuFgpl72qgqtt735Vm-cc3J0H9RUkNB6A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 06 May 2021 22:31:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C5F7 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYj424mAEwAQ&v=APEucNXEkxezedyxpL90JL5P86PUH4UetfiptlZqLyaPriubkYDqzpHUp_6r_PWh4whWIBN0IsKpmgK6oKgt8AvZnGVtRJMznA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C5F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYj424mAEwAQ&v=APEucNXEkxezedyxpL90JL5P86PUH4UetfiptlZqLyaPriubkYDqzpHUp_6r_PWh4whWIBN0IsKpmgK6oKgt8AvZnGVtRJMznA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 06 May 2021 22:31:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C5F7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJRuWPBednFrO4SxEmtV.QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYj424mAEwAQ&v=APEucNXEkxezedyxpL90JL5P86PUH4UetfiptlZqLyaPriubkYDqzpHUp_6r_PWh4whWIBN0IsKpmgK6oKgt8AvZnGVtRJMznA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 06 May 2021 22:31:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmqJq8rRMeqIXfelKlS0uE&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5350
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHQyjAGz0LZo1t5l9TNDPWA&google_cver=1
43 B
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHQyjAGz0LZo1t5l9TNDPWA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNVZrugIIKpjez1AJ0KAERRQIwBTERFfoXmTumaLeP7QFXk4FXQE3x3uwsakDLBdrOm_dd-jq5kvoCrr0VWmlzIlTeph_w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:55 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.73:80
AN-X-Request-Uuid
a8d56d6b-c6dc-48d5-aae2-99e0977f8ae2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHQyjAGz0LZo1t5l9TNDPWA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5350
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAxNjY2MDcxNjgzNTAyMjk0OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAxNjY2MDcxNjgzNTAyMjk0OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNVZrugIIKpjez1AJ0KAERRQIwBTERFfoXmTumaLeP7QFXk4FXQE3x3uwsakDLBdrOm_dd-jq5kvoCrr0VWmlzIlTeph_w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:55 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.236:80
AN-X-Request-Uuid
d3735cd9-6ed0-4db6-ac7b-7beb964c1f05
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAxNjY2MDcxNjgzNTAyMjk0OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5350
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJdVbsck1h6uv5F7rC_tcYQ&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJdVbsck1h6uv5F7rC_tcYQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNVZrugIIKpjez1AJ0KAERRQIwBTERFfoXmTumaLeP7QFXk4FXQE3x3uwsakDLBdrOm_dd-jq5kvoCrr0VWmlzIlTeph_w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJdVbsck1h6uv5F7rC_tcYQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5350
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc5NmY4MTgtZjUxNC0yODZjLWQzYjItMmY0MGZjZjE4NGJh
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc5NmY4MTgtZjUxNC0yODZjLWQzYjItMmY0MGZjZjE4NGJh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNVZrugIIKpjez1AJ0KAERRQIwBTERFfoXmTumaLeP7QFXk4FXQE3x3uwsakDLBdrOm_dd-jq5kvoCrr0VWmlzIlTeph_w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTc5NmY4MTgtZjUxNC0yODZjLWQzYjItMmY0MGZjZjE4NGJh
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 3F49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESELww_5Cj2g5ax0hLQB2_KNM&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESELww_5Cj2g5ax0hLQB2_KNM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNWM525ftULsOt7yv_MAh1MMOUiB_9oLJ6pct_UnDAexNrQcUIgCat55LPusBif5oSfIGNB4yEb8wz2177wStC9T3gdw0g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 06 May 2021 22:31:55 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESELww_5Cj2g5ax0hLQB2_KNM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3F49
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjVmYmIwYjYtNmI3Yi00MTA4LTgxYWEtZjNkM2E3NmQyMzll
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjVmYmIwYjYtNmI3Yi00MTA4LTgxYWEtZjNkM2E3NmQyMzll
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNWM525ftULsOt7yv_MAh1MMOUiB_9oLJ6pct_UnDAexNrQcUIgCat55LPusBif5oSfIGNB4yEb8wz2177wStC9T3gdw0g
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
akka-http/10.2.3
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjVmYmIwYjYtNmI3Yi00MTA4LTgxYWEtZjNkM2E3NmQyMzll
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 06 May 2021 22:31:55 GMT
sync
partners.tremorhub.com/ Frame 3F49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEHUYlWBkhTxo9MmkIkVwCPQ&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEHUYlWBkhTxo9MmkIkVwCPQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYwLW3mAEwAQ&v=APEucNWM525ftULsOt7yv_MAh1MMOUiB_9oLJ6pct_UnDAexNrQcUIgCat55LPusBif5oSfIGNB4yEb8wz2177wStC9T3gdw0g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEHUYlWBkhTxo9MmkIkVwCPQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/ Frame 87E7 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/iframe/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18c517ee8646c295ecee64db1300fbc76648c6e8f39459cd4deace234b26a27f

Request headers

:method
GET
:authority
live-tag.bannersnack.com
:scheme
https
:path
/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

content-type
text/html
content-length
3991
date
Thu, 06 May 2021 22:31:56 GMT
last-modified
Mon, 07 Dec 2020 13:46:18 GMT
etag
"10f138696ec8f9a04fa9968ad3e4d76b"
content-encoding
gzip
accept-ranges
bytes
server
AmazonS3
x-cache
Miss from cloudfront
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
cm5oLiG6lYLbuH3NTYuEiIbXaWAt8rs0rFk_UWCkgy2GjZwZqmz8Bw==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D693 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 06 May 2021 03:14:09 GMT
expires
Fri, 07 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
69466
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2674 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
548698a86d8383297555d927d88a52db704d64f53deaaac3c6bb6c5ff4a28903

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CC2D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 05 May 2021 08:58:54 GMT
expires
Thu, 05 May 2022 08:58:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
135181
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210504/r20110914/ Frame DEB2 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210504/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbbfiYu0c11bwNv3MEHCAyu_dycpGaKDtWUwfW3fnLHeSrJ9VaUS7okmuC9MEDNjSi6Bgot_fNoZ1B6132yGt7it_uI7q7I26QTSz-tkuSdrPTXecwLVWjd5fqdLtliOrzuBc4EVT50R9NGgGATQbYmo2qtA&cry=1&dbm_d=AKAmf-ASHMtg3isH2mZx9Ngs0OovbK1XT_ZNubpGtNkT6KiVf86YylN__R0f8vYy-_q7VUMHgjHfOpf481wgyUPg0gGQFr3XHiGIU_2PF7SY1ipaV_LAhRRiIvrKNtlyApSku5I-XkjR3QAd_hqAZ-boZqIVtAkBk1XPravhC3v1kfwuDQcN99or9TkpHkPH_eFW4FWMsbDZJKfWM0vnVNJYtFoyRyg5Erj7I4eFG7z2rvaHngWu5arkcWjgFNGZ9hF4_m27JGriNKQJi8FHrggwUGMnNi6gMj_7KiS-sOLF2wm7fYpB3SIWpbwZMiZ6TRQb7iVOpOUK7pL_mBFbkKjCi8afxdpTQm8bTYu18mdhg9axOR9E5D_BbYu9Z4ghLxHiFo0cejN_NwYOCyeJXFonnl23DucTkgCwTcKQH10p5NkE5LuYUUDMeTys_muLi21lQXZML9utk0rShunerH4GGQ_9iHwd9MFgnJ1xUi28cf25-62GmlLEAwqEb1qGhaHQMEeI_KBUe2OcnzVf3a56iLhDCMtJx3VeWBF5pKlRUf5k1mJ13YNcY5mdC27DxgWJbZMhT3zogclG83tzQGknRxc7yVsrSYVU73ASv6kClZYEhoo8iN1kp0y-ymMTujnLxtRlxdXYnOvEzLId6Wr7gBgZVtDIcr6m8qrGMvYfoZ2gNDWpZ9_ywR9J0vY-93XBWvUIAlDTbTTFUvAU4WxBjT-FBa1KdqdTsMYbVxq9tiSv5KlG817HvTPawBXh31FgtKKTIBpWJGV622HzxCgmc_tXIyoRH0hygZD9xok2FBWs3L7Oy2SOt18g4m7xUxXxAkkSfxBE4TdcE4ztHef5ngVrXUPJdsorHw7UGqsyvz3Bm75osH8G0V-smJJsz9TOVdNgr-tu3bIfjnuhpXUFbPqPXW-QTQzrz3ztEApu21MLQ0mF283R0uKpib6y2Xa-d5TX48VSwUILGokj40dwvXiFEonAnjz6g37uYdqfVBy4xXz1m3xnWNKAwjUQBT5o9Td8VeAj490syLwltbpbJCzIimwzaueZDvNCzuGRzape5_7nSaxX_XcrDfBGVv0sKYYS9EdUns_bw3H3nGf9vHZn2snTTbpS7CEfyIjofninXUtRoitMqZ0_yAPv_dbzo3eqL7yZPDGnkgDt80LtsyK_Ybgw-pr6DdyIVKJvhYmNj7lzzh5KS59RD2M65SadvkntaA_UwXl8Y-WYMBPBbky2qjqaGwhirVd1I4w0jNWBl50gJjoPlTTWsSthgW1dZHdddGIpVKZmoA1AYgs4FCHzNw-PcalpvNX37Uqp2Ej3fdC_ZmZ1FymzoXdhDLGrfI5TVqhxpWRR1HWiE-0oQIxKCb04PJWFDgJiZNjAePNj_WmTwHbS7V77aHOLhY-b1tkzxgpHZNipoRBAnxLHr8EMo-9fhRH-1QnoyGaN_szrUbTm2f6tbc07Aznl_tuA5i1Zpw1NRNuBguF0JU-LIbXgChnO68haNPdRWgnx3s1MwT0S821KNUTiopnTPhcqug0YQaXBb7NIrrVfUzPa4igul6pXdHRe_-kDRToAnc_dHh0Xki5f-ijDz38VZAefPOFIufcCjvPS-7WBK6UxyOG-PolG2O8EqdlRuekjYEAiF-yUsvKl_s31CeCSNcD_gQp62iAXcwG1NO3wcSsKFPebplxFRici4oC9xkLQlG1Zs9_5TpUhjYqsxYXGx15DCS59Jc4woIHQmBuudIQadb-zzvT7Gon0agSNPbhVAsVkJYF97hxWfKVWahtAeTh299JqQ2Ryp7W7X9OwQsJh0wOWQKIERwfCsB1i0j-fKTwpg-Hy1UGCJrOoZpJOVNTn0Q2JJn60mZe4a-342c2sPGGaVjxSIdb_Cvk0Q54AYP9S3iuqIvOqELGKwuQnSM8awbE6zrY2iY-TRgNMnlsgMxxeFSaldzCJyEoqd8PpSw7z_EaQ92umwK1-QRFMIeMisd6Z0tZ2s1EMnYgK7sdpVwgx4OpxpnA65dmRS78MQ3zjM4e1Mybi7of95ewzOZQm0sYRRCiT7fqPELTEFKzCTcE57cw7DxKJF91rOr7-L6elO87r4LHup09zzjgIY48Ybwu2VtGcoafZr4fEEEAn46BAk2BWHixT9WIdpHFF0o7yx5ga3GykNfTq783Ys76z1gF67TjnaiOip55FO7IsznG2gVJ6xt5XrJMt9DYwldpGnS5Dlu3OXF3wV2Vuw2Ci6yR8SstZuN0kLLLVgpdF9HxGg7YM7ynr2QbQgPHX3bfzOQpSC1fMutQD4AC4HJL0K_Wu7bhmm2uPAnl5EHCW4w8XyXg23fPZ2BQnrytd-LvsyJ7EAjAnMMHVmZNPmKA_o4Y4K2d-OF67GxeC33owuDh8yItuX3pjOGI0xTluFwFNBHMyzKP0ZNz5XHRWmItj83cIGxtkrfy7H9flWmKCHcSh88-a-qiHB_K0ey4VIJlXA9l3HxT0eKvTq9jqpRC9vcBwlIVi8h7f9mykLcokO6dra7O-d_NfUd38V-1pcIfcsIWW_PHGIy0eGbhFUp2rNaLt7yw4uPyADT7vMxM-7fXafCTXts6W1DB7ev61YLR4_dhLhZk4qNPQ2cd0BhwnWNiymOoivrO4wF3rYBwohRwVg3b5OVxHOsPR0dxUhGfnMgkx3XmwAQm7JIj7HyLWAVU7zKT1h_VD1076M0u6xFWQm0xrPhzz-t4ow9v-B84Ty7Rd7WdgzrZAIVoBe0kMdct2GntmGz2eRm_nPvOFtAV5-wn1yyYwLpsYmDTwSJyL7GR6vXEQPGe2PrjfooVNO_QK-1g8JdrZjsHiaHJ1n4AG5X8l_Ux8_3PmJ104rWUXgXMd752AMb81I1-ho-rkT66MBYqGGXq1Tomket9BOB_s9234nIQGUSDrCRB_BJE0WQ9hq95mKYT9E83ObLZDD7c80aC9MJBQ4mUgmb5A_aKotYfzbuY4KSpXym_5393VabFoenPPsbdGqAe4c8tALbwPQpu39tPAYDs8O7O5j-6yjVPxPyUkA2NUlkyIHTdY_ByCmVKYSFCaDxs3jNTJbpTN7mPC_QhSiTTMM-yUiwA8Y0MAKWV2lZkO3Yz83ohS8Zu5iuGqJiAfEo2uSEVdPhz5iXaNddpoCTbUHKjo3KuVZOt8TKhT05XCn972w432gg1LVTB8JNk3KUP8NTrX3XPAFlVW1LmIQsFJzba7chW5V2iVL0AYuFkxB16XNkhgEe2LzX95ukBKM9ucnKglDdcOUK6GrWGOencT1jDE9O1-84LWSstVInFx1QnDp6mhdSl4IS98-ChCJBkcqxKdeR5JQZ1vdiMt2RqQYaCcdrRLFIRvm99LWg3w6pg36UfaDNwSTh-_IZP8qWOtgG35Esw068c43WRulSlDMYjSdinQw0aYGQitnWKxzIum85up8cL3G-IuFd60GySxlMybsl7-rn5oKXqB8tVjvW_dgwnlw1yyNPGhOFfpRuxCbc7VFk-HL2Yg3MbwgPeKU2htWFEjG0W0dobCNn5w1ZSLZKLAGGsAjw&cid=CAASEuRopA5rDjHBkcTzvxbzbkv4dA&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea4adc7bca7ea4343c5a9c3d146970155a149f41fc70f47cf0977860d76e9d85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8627
x-xss-protection
0
server
cafe
etag
16525714399072181746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:13:06 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DEB2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbbfiYu0c11bwNv3MEHCAyu_dycpGaKDtWUwfW3fnLHeSrJ9VaUS7okmuC9MEDNjSi6Bgot_fNoZ1B6132yGt7it_uI7q7I26QTSz-tkuSdrPTXecwLVWjd5fqdLtliOrzuBc4EVT50R9NGgGATQbYmo2qtA&cry=1&dbm_d=AKAmf-ASHMtg3isH2mZx9Ngs0OovbK1XT_ZNubpGtNkT6KiVf86YylN__R0f8vYy-_q7VUMHgjHfOpf481wgyUPg0gGQFr3XHiGIU_2PF7SY1ipaV_LAhRRiIvrKNtlyApSku5I-XkjR3QAd_hqAZ-boZqIVtAkBk1XPravhC3v1kfwuDQcN99or9TkpHkPH_eFW4FWMsbDZJKfWM0vnVNJYtFoyRyg5Erj7I4eFG7z2rvaHngWu5arkcWjgFNGZ9hF4_m27JGriNKQJi8FHrggwUGMnNi6gMj_7KiS-sOLF2wm7fYpB3SIWpbwZMiZ6TRQb7iVOpOUK7pL_mBFbkKjCi8afxdpTQm8bTYu18mdhg9axOR9E5D_BbYu9Z4ghLxHiFo0cejN_NwYOCyeJXFonnl23DucTkgCwTcKQH10p5NkE5LuYUUDMeTys_muLi21lQXZML9utk0rShunerH4GGQ_9iHwd9MFgnJ1xUi28cf25-62GmlLEAwqEb1qGhaHQMEeI_KBUe2OcnzVf3a56iLhDCMtJx3VeWBF5pKlRUf5k1mJ13YNcY5mdC27DxgWJbZMhT3zogclG83tzQGknRxc7yVsrSYVU73ASv6kClZYEhoo8iN1kp0y-ymMTujnLxtRlxdXYnOvEzLId6Wr7gBgZVtDIcr6m8qrGMvYfoZ2gNDWpZ9_ywR9J0vY-93XBWvUIAlDTbTTFUvAU4WxBjT-FBa1KdqdTsMYbVxq9tiSv5KlG817HvTPawBXh31FgtKKTIBpWJGV622HzxCgmc_tXIyoRH0hygZD9xok2FBWs3L7Oy2SOt18g4m7xUxXxAkkSfxBE4TdcE4ztHef5ngVrXUPJdsorHw7UGqsyvz3Bm75osH8G0V-smJJsz9TOVdNgr-tu3bIfjnuhpXUFbPqPXW-QTQzrz3ztEApu21MLQ0mF283R0uKpib6y2Xa-d5TX48VSwUILGokj40dwvXiFEonAnjz6g37uYdqfVBy4xXz1m3xnWNKAwjUQBT5o9Td8VeAj490syLwltbpbJCzIimwzaueZDvNCzuGRzape5_7nSaxX_XcrDfBGVv0sKYYS9EdUns_bw3H3nGf9vHZn2snTTbpS7CEfyIjofninXUtRoitMqZ0_yAPv_dbzo3eqL7yZPDGnkgDt80LtsyK_Ybgw-pr6DdyIVKJvhYmNj7lzzh5KS59RD2M65SadvkntaA_UwXl8Y-WYMBPBbky2qjqaGwhirVd1I4w0jNWBl50gJjoPlTTWsSthgW1dZHdddGIpVKZmoA1AYgs4FCHzNw-PcalpvNX37Uqp2Ej3fdC_ZmZ1FymzoXdhDLGrfI5TVqhxpWRR1HWiE-0oQIxKCb04PJWFDgJiZNjAePNj_WmTwHbS7V77aHOLhY-b1tkzxgpHZNipoRBAnxLHr8EMo-9fhRH-1QnoyGaN_szrUbTm2f6tbc07Aznl_tuA5i1Zpw1NRNuBguF0JU-LIbXgChnO68haNPdRWgnx3s1MwT0S821KNUTiopnTPhcqug0YQaXBb7NIrrVfUzPa4igul6pXdHRe_-kDRToAnc_dHh0Xki5f-ijDz38VZAefPOFIufcCjvPS-7WBK6UxyOG-PolG2O8EqdlRuekjYEAiF-yUsvKl_s31CeCSNcD_gQp62iAXcwG1NO3wcSsKFPebplxFRici4oC9xkLQlG1Zs9_5TpUhjYqsxYXGx15DCS59Jc4woIHQmBuudIQadb-zzvT7Gon0agSNPbhVAsVkJYF97hxWfKVWahtAeTh299JqQ2Ryp7W7X9OwQsJh0wOWQKIERwfCsB1i0j-fKTwpg-Hy1UGCJrOoZpJOVNTn0Q2JJn60mZe4a-342c2sPGGaVjxSIdb_Cvk0Q54AYP9S3iuqIvOqELGKwuQnSM8awbE6zrY2iY-TRgNMnlsgMxxeFSaldzCJyEoqd8PpSw7z_EaQ92umwK1-QRFMIeMisd6Z0tZ2s1EMnYgK7sdpVwgx4OpxpnA65dmRS78MQ3zjM4e1Mybi7of95ewzOZQm0sYRRCiT7fqPELTEFKzCTcE57cw7DxKJF91rOr7-L6elO87r4LHup09zzjgIY48Ybwu2VtGcoafZr4fEEEAn46BAk2BWHixT9WIdpHFF0o7yx5ga3GykNfTq783Ys76z1gF67TjnaiOip55FO7IsznG2gVJ6xt5XrJMt9DYwldpGnS5Dlu3OXF3wV2Vuw2Ci6yR8SstZuN0kLLLVgpdF9HxGg7YM7ynr2QbQgPHX3bfzOQpSC1fMutQD4AC4HJL0K_Wu7bhmm2uPAnl5EHCW4w8XyXg23fPZ2BQnrytd-LvsyJ7EAjAnMMHVmZNPmKA_o4Y4K2d-OF67GxeC33owuDh8yItuX3pjOGI0xTluFwFNBHMyzKP0ZNz5XHRWmItj83cIGxtkrfy7H9flWmKCHcSh88-a-qiHB_K0ey4VIJlXA9l3HxT0eKvTq9jqpRC9vcBwlIVi8h7f9mykLcokO6dra7O-d_NfUd38V-1pcIfcsIWW_PHGIy0eGbhFUp2rNaLt7yw4uPyADT7vMxM-7fXafCTXts6W1DB7ev61YLR4_dhLhZk4qNPQ2cd0BhwnWNiymOoivrO4wF3rYBwohRwVg3b5OVxHOsPR0dxUhGfnMgkx3XmwAQm7JIj7HyLWAVU7zKT1h_VD1076M0u6xFWQm0xrPhzz-t4ow9v-B84Ty7Rd7WdgzrZAIVoBe0kMdct2GntmGz2eRm_nPvOFtAV5-wn1yyYwLpsYmDTwSJyL7GR6vXEQPGe2PrjfooVNO_QK-1g8JdrZjsHiaHJ1n4AG5X8l_Ux8_3PmJ104rWUXgXMd752AMb81I1-ho-rkT66MBYqGGXq1Tomket9BOB_s9234nIQGUSDrCRB_BJE0WQ9hq95mKYT9E83ObLZDD7c80aC9MJBQ4mUgmb5A_aKotYfzbuY4KSpXym_5393VabFoenPPsbdGqAe4c8tALbwPQpu39tPAYDs8O7O5j-6yjVPxPyUkA2NUlkyIHTdY_ByCmVKYSFCaDxs3jNTJbpTN7mPC_QhSiTTMM-yUiwA8Y0MAKWV2lZkO3Yz83ohS8Zu5iuGqJiAfEo2uSEVdPhz5iXaNddpoCTbUHKjo3KuVZOt8TKhT05XCn972w432gg1LVTB8JNk3KUP8NTrX3XPAFlVW1LmIQsFJzba7chW5V2iVL0AYuFkxB16XNkhgEe2LzX95ukBKM9ucnKglDdcOUK6GrWGOencT1jDE9O1-84LWSstVInFx1QnDp6mhdSl4IS98-ChCJBkcqxKdeR5JQZ1vdiMt2RqQYaCcdrRLFIRvm99LWg3w6pg36UfaDNwSTh-_IZP8qWOtgG35Esw068c43WRulSlDMYjSdinQw0aYGQitnWKxzIum85up8cL3G-IuFd60GySxlMybsl7-rn5oKXqB8tVjvW_dgwnlw1yyNPGhOFfpRuxCbc7VFk-HL2Yg3MbwgPeKU2htWFEjG0W0dobCNn5w1ZSLZKLAGGsAjw&cid=CAASEuRopA5rDjHBkcTzvxbzbkv4dA&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 08:54:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135472
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 May 2022 08:54:03 GMT
usync.html
eus.rubiconproject.com/ Frame 017A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://start.mybluelight.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KODGSARX-1P-HT35; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tlDdRUZWfOQpwq4GTUmvoSMPya9WQi+HKKRWt2jyoYTD2eUmnUkmtBwX7pFAFiVc1oEdlOpbhEgInzG7GXfkKU6uTSg==; ses2=; vis2=249838^1; audit=1|SDziDG3X/EiulfpjJ7/Jo9Q7TXX4J0ieDA8BD3aHVXEH+wIHYJ6ZG9Ebe6+nkS4vau3Jh06DKZPAUJ+gL7gixSOvFoGJkvB3G7JtXJVTTK0=; ses15=249838^1; vis15=249838^1; ses9=; vis9=249838^1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 06 May 2021 22:31:58 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4E74 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: static.uolcontent.com
URL: https://static.uolcontent.com/js_api/as-3.1.6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://start.mybluelight.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=89905
Expires
Fri, 07 May 2021 23:30:20 GMT
Date
Thu, 06 May 2021 22:31:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210504/r20110914/ Frame FEE4 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210504/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9XuN2GFxkXoBDdTvTF-Ig_OvGZtAKuWifgahbueEuzPbs2xzjXOn_iwj2AO64-b7zZ2b8GBtmJEuplZ81q-DWblwCZ1GLXGDKIIoHRFzQDzbkj2IoUQq6yvJkqjGIcra2G6viPAlVLfZyu1KqXx5ZnUs73Q&cry=1&dbm_d=AKAmf-AseQZJ-9QGjknLZ14WyLyYbq40TghuzyUonSp06CdY__TiPsBDWAxZkxDFw5abyGoUnxCQMnQIVJ4yV_dfxGahBljqKmQYRZukYPgdsMOIccLOs5MbfKASovn-vfdtoXDZGxhQJ-f6gwOI79K_asV8KTs-ymlEqRKh0pRndyk6IykrWFy7EpYnskTPFwzTM9j_nWtI70s7Z6bKWBG7fJyoR8g1xZ_BZpleIiITRMP5iBXzp8_z4D9NR_-Km3PRibF9i-OL2uIbMIEDJr0sbrH-xw3YcImzZhy-in1XtMmUtF2Ny63R47BFXnzprdriCT0i1ynVuDEUGAIaZuHg4lxAiGshqTxW0NkDtiSuhteTthBKcFGRBirogxGXgApWufMmmYcWR33Onbt9dx-eLVXwu-XyiPTuIU-ms-X8PWPxmRJEgc0_OJ4jl3I7OuNnNQD5r3CHBWijr-yd2FQA_z_kJS9-lwjlrAZI5oKi0Kx4gxk6lc77kqYwz6djjSfs9KhTh4qyNsefegJxcf2Gt594IwGaqQ3ECD-t9RcmrK0z7kdNQTwF494JEHPF78gdmTzqTqpljIuFOiU83X1gjKnGiD_6U5fwilWLbKEtyP5pq_auMpcoqR_rDMhtPQQ4Q3X801rjhyxbXD_9JS2Jf5WfcHissFsRt11q_cpuqybE3qcYnRPF3RrXcA_xPBuMHbwUvIIg5FcVywiC-iC8WGe7etVt_HPYLAVqjVneL4OOXE3MlAg7P_DY9GdrRvjiXfX7Z60XaO2lZ6UHuOS0noLD59DZRT0ejzXVuaP3F5m32E8A_I72JRGwYZwYEyeXV2qwa369If7gZje0X4HxtqsMBhc76BUqUxSjoqzqxkyaDKwLxZHgU28wotsHLsXpuckX5EIs5TS5lg7Z9t2nFU0-Rw7Md7KntwYP29TYyssVbEjCl8OCLQHSIcNm9hrqOgx9zQRTmDk8DoibMVBne7daNKwh2PvYPV5zlhnlqQYYbPLPrj2m86GrFeT9leSxx3-NB64AfngOg9DcU2A8XQ6ViAs51Sa71fRxaxCgNs7I4e8LaCKgca_mhNYyYHu07TyN_Dmbh8gK54htoyNatO2Ln4xri64ZCNuB-24fXa-BH7tzzyHZ8_g2DOpLM-ldYXzIQ_LnIzFcna5TYGYKpbH7jSr_Ichd1_RNZtmQEMUwABOu6lnXIKZGw6g-sIXu2pNB5J9WtvkhLQIx6idcIUEZl8OOz7OLy2o_YnrIRt7fEd9BVB8IqotS0lVWDuZvPXSOoqO717x1ATm6ncOWwJvBHuGnugsb7b1PEl3jz_7p3yZZmxpWPSGfrG0Px1M1vSydRGNHWtshjg_gHjG3v_ntfVXX6Di45lPDdDqOGv0M1k_uMqAh_SsECdL6XXam2KwdWGmlQT0Hh8w4vrMNj1szR7rLie-br1RZOboa5GUfh7ZKHdgiSuGX5oeNUoxqeUokH_H9UgNEHYhGvNq_JqpspRBencPdhEDML4-ud9Ii3VT77K5keKEshypsK2kUEuSJo7GNlrBVHEsNnKdPgiJ45CMX80cJzdTEG-Ql8qFR9eyw--GLzakb6jDR0Bm_-qNKf6oYb8XwhgQ9gk_3O0B5GaL0sluwbi8-FhIYLw2YBuwr8O3WY29tz3WGQRgSJEs3EOtQmdhLig4zT68lvRMJby6QoFnwzODp0zA1CR-v9X9x7lqmHOsE6k7IULxXjIc_JOgGfIHZLH9eYnSKnkA8_GHyHU6j1q8MAPvRmpoJYj9NwuH9s04cAn7GQ8e_QOC4KF1o7yFSPmu-6reVGFyky3NUKMIWPcWqWvvHkvWSDu63qshlpOvvC8Bonf1650ctUA4S2wWe9grV5K2Y-CaG9AdvvtAbDRHmsGiBcvB3zrsOIicJ8Vz-Jd83jJPFWrdGRSHMi1S1jHqMnmnCqlFx1jWjEbb86kwnMDQo_0j2B5QneTb_-6zDomiBVVWuNShekfaSdN1ah9V7EVbyCwo7-YGlWllZntzXhIUHI8RN5h6LjozRix1LTPe9v6zPGdRe3wvSpQMSINUNQPEMkX_MXjSETDSVb7sZ0J28lpua7FcbaGmAQmrtALJJmqhPMFnb-DbOS-9Q14MLxXfoqgyRm8e6vtixsW6_qj2ApfSZj1QlJ7pM_kUZRobn_5KP_fywJXlY3jYdK6DEcyLCWuHOV4heWEX4oDUoM8ycT0rywCd7LDRBgoqnAkRhSRe3f4p2oTByylc0TmTWhRisxAxpFOrcfjfvPf8wofsxLMjIk1pHjM-de_bsLfQ6pg9EzETZXzEso3uTc61X2BdaC3AGnAHMNJJubuNEGvg2STEXwxHLgHFAJZZ9KGPbB0IfLU9UIGZjVbJCT_FhHKHpVqkniZ2yfLdVBJk3-wdP2P1flv0EnVPVPZFDl3JrplWK120v25s1vwVtG7E3ZkPCcdTx2jT4My9VrZsNAGv4la4k9sOAr3v1ntqRsRV025iqYojYj3q-gjgQAgXL3LEeUlGtSqqNGb-WOqlG4XYe1KMk1No4OLsRJVzxcBaK4-g-2orEV-K9_3gQpJb0Pw8qE2b20vcAJh195VRAk6GnSzn-nlAWXAJ-O08aakud768Lpqdpqthw0VlIBOCR7uog6FoIW9gOimnwR7LgekIhH9GT3P4Tsrt7qy0TAkhNjpcdsYX9GkUil7T_YZOVAMk6wiyuFUy44I95WouJ3pyk2IwSlp4hXutReuuNE4_VB85tDNaZmNPnP0AsKJVjdSMb88wcRsONAbdnAyxeskt0l0l7AZK7fFILRl4DfFkdIOZaXe-5MVoomkkGkIKM-V5sWD1_CtsIUozmtw-FC-5-B3eMxeAd0txWtCHPQLveKVn-tMZbsLbTR5tGCguYTejVJaMH1CoB3T4WOswC8wzOK3gqtQPhdo8XsPmTW8koKN8TOL4f5jVCEzNlt81v_nxrsUubtSDOGNkJSuPIWnBNL9X_I5n-IcLZ4rnVAvFPFQ8FUHj_PepOyMVbQnuJjKpIDSOljvC7N78GU-eTbwWePRWkxJugNmevvTCxXyyaWxGP1SzS1Zq8fdT6krNYFGLT2cMwgaIDvTpnEDXjJwk-IhKoHjZUeqHMySwek5Ck3iS_GO8L76iuQIDBw944ivPo2NMRNMDNLqEsUBKS8Yk7yPqO_VTjVlJTniH34bSmcyuGuODFauaSTV6JOf-A92D3puR2ogJXsXq2gD8kLxtM2aVQN5Leofn6f8bpzsT1jVPlPjc4oa2yD2aZ7pvHfOBPkqQV6dMP0wuJY-uAzjIAhhYANo4VYfzuG72Xnpa36z9AU5hu4gA7wqaQSoDrHd9hqJw5uxHVOc8SJxskrHyG1Bn3fuup5UAjMj2XIReIFjddj9Vywh3SQ4VnmHFnPryqCIodgl-6dkCQEkyU0Iqj9zjS_VOiLpznSznsQb9ByT3JtGNujn405sXyB0oJZ_rIlT58wD2nQrN1Fkb5Sw0YHnBeR7e2BZkgFuasN7gQq48gM5yX89Pe&cid=CAASEuRoyNDecGgnwBI669VZLQBo2Q&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea4adc7bca7ea4343c5a9c3d146970155a149f41fc70f47cf0977860d76e9d85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8627
x-xss-protection
0
server
cafe
etag
16525714399072181746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:13:06 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FEE4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9XuN2GFxkXoBDdTvTF-Ig_OvGZtAKuWifgahbueEuzPbs2xzjXOn_iwj2AO64-b7zZ2b8GBtmJEuplZ81q-DWblwCZ1GLXGDKIIoHRFzQDzbkj2IoUQq6yvJkqjGIcra2G6viPAlVLfZyu1KqXx5ZnUs73Q&cry=1&dbm_d=AKAmf-AseQZJ-9QGjknLZ14WyLyYbq40TghuzyUonSp06CdY__TiPsBDWAxZkxDFw5abyGoUnxCQMnQIVJ4yV_dfxGahBljqKmQYRZukYPgdsMOIccLOs5MbfKASovn-vfdtoXDZGxhQJ-f6gwOI79K_asV8KTs-ymlEqRKh0pRndyk6IykrWFy7EpYnskTPFwzTM9j_nWtI70s7Z6bKWBG7fJyoR8g1xZ_BZpleIiITRMP5iBXzp8_z4D9NR_-Km3PRibF9i-OL2uIbMIEDJr0sbrH-xw3YcImzZhy-in1XtMmUtF2Ny63R47BFXnzprdriCT0i1ynVuDEUGAIaZuHg4lxAiGshqTxW0NkDtiSuhteTthBKcFGRBirogxGXgApWufMmmYcWR33Onbt9dx-eLVXwu-XyiPTuIU-ms-X8PWPxmRJEgc0_OJ4jl3I7OuNnNQD5r3CHBWijr-yd2FQA_z_kJS9-lwjlrAZI5oKi0Kx4gxk6lc77kqYwz6djjSfs9KhTh4qyNsefegJxcf2Gt594IwGaqQ3ECD-t9RcmrK0z7kdNQTwF494JEHPF78gdmTzqTqpljIuFOiU83X1gjKnGiD_6U5fwilWLbKEtyP5pq_auMpcoqR_rDMhtPQQ4Q3X801rjhyxbXD_9JS2Jf5WfcHissFsRt11q_cpuqybE3qcYnRPF3RrXcA_xPBuMHbwUvIIg5FcVywiC-iC8WGe7etVt_HPYLAVqjVneL4OOXE3MlAg7P_DY9GdrRvjiXfX7Z60XaO2lZ6UHuOS0noLD59DZRT0ejzXVuaP3F5m32E8A_I72JRGwYZwYEyeXV2qwa369If7gZje0X4HxtqsMBhc76BUqUxSjoqzqxkyaDKwLxZHgU28wotsHLsXpuckX5EIs5TS5lg7Z9t2nFU0-Rw7Md7KntwYP29TYyssVbEjCl8OCLQHSIcNm9hrqOgx9zQRTmDk8DoibMVBne7daNKwh2PvYPV5zlhnlqQYYbPLPrj2m86GrFeT9leSxx3-NB64AfngOg9DcU2A8XQ6ViAs51Sa71fRxaxCgNs7I4e8LaCKgca_mhNYyYHu07TyN_Dmbh8gK54htoyNatO2Ln4xri64ZCNuB-24fXa-BH7tzzyHZ8_g2DOpLM-ldYXzIQ_LnIzFcna5TYGYKpbH7jSr_Ichd1_RNZtmQEMUwABOu6lnXIKZGw6g-sIXu2pNB5J9WtvkhLQIx6idcIUEZl8OOz7OLy2o_YnrIRt7fEd9BVB8IqotS0lVWDuZvPXSOoqO717x1ATm6ncOWwJvBHuGnugsb7b1PEl3jz_7p3yZZmxpWPSGfrG0Px1M1vSydRGNHWtshjg_gHjG3v_ntfVXX6Di45lPDdDqOGv0M1k_uMqAh_SsECdL6XXam2KwdWGmlQT0Hh8w4vrMNj1szR7rLie-br1RZOboa5GUfh7ZKHdgiSuGX5oeNUoxqeUokH_H9UgNEHYhGvNq_JqpspRBencPdhEDML4-ud9Ii3VT77K5keKEshypsK2kUEuSJo7GNlrBVHEsNnKdPgiJ45CMX80cJzdTEG-Ql8qFR9eyw--GLzakb6jDR0Bm_-qNKf6oYb8XwhgQ9gk_3O0B5GaL0sluwbi8-FhIYLw2YBuwr8O3WY29tz3WGQRgSJEs3EOtQmdhLig4zT68lvRMJby6QoFnwzODp0zA1CR-v9X9x7lqmHOsE6k7IULxXjIc_JOgGfIHZLH9eYnSKnkA8_GHyHU6j1q8MAPvRmpoJYj9NwuH9s04cAn7GQ8e_QOC4KF1o7yFSPmu-6reVGFyky3NUKMIWPcWqWvvHkvWSDu63qshlpOvvC8Bonf1650ctUA4S2wWe9grV5K2Y-CaG9AdvvtAbDRHmsGiBcvB3zrsOIicJ8Vz-Jd83jJPFWrdGRSHMi1S1jHqMnmnCqlFx1jWjEbb86kwnMDQo_0j2B5QneTb_-6zDomiBVVWuNShekfaSdN1ah9V7EVbyCwo7-YGlWllZntzXhIUHI8RN5h6LjozRix1LTPe9v6zPGdRe3wvSpQMSINUNQPEMkX_MXjSETDSVb7sZ0J28lpua7FcbaGmAQmrtALJJmqhPMFnb-DbOS-9Q14MLxXfoqgyRm8e6vtixsW6_qj2ApfSZj1QlJ7pM_kUZRobn_5KP_fywJXlY3jYdK6DEcyLCWuHOV4heWEX4oDUoM8ycT0rywCd7LDRBgoqnAkRhSRe3f4p2oTByylc0TmTWhRisxAxpFOrcfjfvPf8wofsxLMjIk1pHjM-de_bsLfQ6pg9EzETZXzEso3uTc61X2BdaC3AGnAHMNJJubuNEGvg2STEXwxHLgHFAJZZ9KGPbB0IfLU9UIGZjVbJCT_FhHKHpVqkniZ2yfLdVBJk3-wdP2P1flv0EnVPVPZFDl3JrplWK120v25s1vwVtG7E3ZkPCcdTx2jT4My9VrZsNAGv4la4k9sOAr3v1ntqRsRV025iqYojYj3q-gjgQAgXL3LEeUlGtSqqNGb-WOqlG4XYe1KMk1No4OLsRJVzxcBaK4-g-2orEV-K9_3gQpJb0Pw8qE2b20vcAJh195VRAk6GnSzn-nlAWXAJ-O08aakud768Lpqdpqthw0VlIBOCR7uog6FoIW9gOimnwR7LgekIhH9GT3P4Tsrt7qy0TAkhNjpcdsYX9GkUil7T_YZOVAMk6wiyuFUy44I95WouJ3pyk2IwSlp4hXutReuuNE4_VB85tDNaZmNPnP0AsKJVjdSMb88wcRsONAbdnAyxeskt0l0l7AZK7fFILRl4DfFkdIOZaXe-5MVoomkkGkIKM-V5sWD1_CtsIUozmtw-FC-5-B3eMxeAd0txWtCHPQLveKVn-tMZbsLbTR5tGCguYTejVJaMH1CoB3T4WOswC8wzOK3gqtQPhdo8XsPmTW8koKN8TOL4f5jVCEzNlt81v_nxrsUubtSDOGNkJSuPIWnBNL9X_I5n-IcLZ4rnVAvFPFQ8FUHj_PepOyMVbQnuJjKpIDSOljvC7N78GU-eTbwWePRWkxJugNmevvTCxXyyaWxGP1SzS1Zq8fdT6krNYFGLT2cMwgaIDvTpnEDXjJwk-IhKoHjZUeqHMySwek5Ck3iS_GO8L76iuQIDBw944ivPo2NMRNMDNLqEsUBKS8Yk7yPqO_VTjVlJTniH34bSmcyuGuODFauaSTV6JOf-A92D3puR2ogJXsXq2gD8kLxtM2aVQN5Leofn6f8bpzsT1jVPlPjc4oa2yD2aZ7pvHfOBPkqQV6dMP0wuJY-uAzjIAhhYANo4VYfzuG72Xnpa36z9AU5hu4gA7wqaQSoDrHd9hqJw5uxHVOc8SJxskrHyG1Bn3fuup5UAjMj2XIReIFjddj9Vywh3SQ4VnmHFnPryqCIodgl-6dkCQEkyU0Iqj9zjS_VOiLpznSznsQb9ByT3JtGNujn405sXyB0oJZ_rIlT58wD2nQrN1Fkb5Sw0YHnBeR7e2BZkgFuasN7gQq48gM5yX89Pe&cid=CAASEuRoyNDecGgnwBI669VZLQBo2Q&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 08:54:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135472
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 May 2022 08:54:03 GMT
pixel
cm.g.doubleclick.net/ Frame D693
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMJyj7MzyqFrfhhI3Y0-SEo&google_cver=1&google_push=AQvitUK2G0toPXfq6RhdX9u0cUA_ZByyzI5QVWWa9mJwscZiK-9WTk_7_1...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUK2G0toPXfq6RhdX9u0cUA_ZByyzI5QVWWa9mJwscZiK-9WTk_7_1fo_7IelDheCxwEdKKh3163A6z3p0JWQq06SMmZmw&google_hm=L2MXPv8Q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUK2G0toPXfq6RhdX9u0cUA_ZByyzI5QVWWa9mJwscZiK-9WTk_7_1fo_7IelDheCxwEdKKh3163A6z3p0JWQq06SMmZmw&google_hm=L2MXPv8Q3y8AaJyG0ZTfMw
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUK2G0toPXfq6RhdX9u0cUA_ZByyzI5QVWWa9mJwscZiK-9WTk_7_1fo_7IelDheCxwEdKKh3163A6z3p0JWQq06SMmZmw&google_hm=L2MXPv8Q3y8AaJyG0ZTfMw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D693
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEBFbeyXhXcE0k0ygwhX8nUw&google_cver=1&google_push=AQvitUKm1zF9pC_sftsfwIwPMsQY_OG5ebFWNHmEQzZ64_uAkz13FSw3ZtDWgxBXqIdxV7966ODFdVHSXyf...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AQvitUKm1zF9pC_sftsfwIwPMsQY_OG5ebFWNHmEQzZ64_uAkz13FSw3ZtDWgxBXqIdxV7966ODFdVHSXyf5snMFNCUu9nONL5k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AQvitUKm1zF9pC_sftsfwIwPMsQY_OG5ebFWNHmEQzZ64_uAkz13FSw3ZtDWgxBXqIdxV7966ODFdVHSXyf5snMFNCUu9nONL5k
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AQvitUKm1zF9pC_sftsfwIwPMsQY_OG5ebFWNHmEQzZ64_uAkz13FSw3ZtDWgxBXqIdxV7966ODFdVHSXyf5snMFNCUu9nONL5k
Date
Thu, 06 May 2021 22:31:58 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame D693
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF6X8Ig1r1SJEjQNA1m-gTY&google_cver=1&google_push=AQvitUIfRj8sKbBpBG8Tvypt4pGpFtaMBGefRG7ptjJpijLEz2NWh-YfK7R7l79nmwKNEccqNaMaRFRT...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzMjI0Mjg0NDc2MDgyNTMwNQ&google_push=AQvitUIfRj8sKbBpBG8Tvypt4pGpFtaMBGefRG7ptjJpijLEz2NWh-YfK7R7l79nmwKNEccqNaMaRF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzMjI0Mjg0NDc2MDgyNTMwNQ&google_push=AQvitUIfRj8sKbBpBG8Tvypt4pGpFtaMBGefRG7ptjJpijLEz2NWh-YfK7R7l79nmwKNEccqNaMaRFRTDY4qqN8A_ttx_fkrhtM
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzMjI0Mjg0NDc2MDgyNTMwNQ&google_push=AQvitUIfRj8sKbBpBG8Tvypt4pGpFtaMBGefRG7ptjJpijLEz2NWh-YfK7R7l79nmwKNEccqNaMaRFRTDY4qqN8A_ttx_fkrhtM
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D693
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEM2CTAjyxc1x-S6m2jTVVAY&google_cver=1&google_push=AQvitUIcX0n7YKjqg1mD_zD6jSnBipC7Xn0brDXeho-qCMgyZqQHIhQHvkPyUTWo2AZ_V...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUIcX0n7YKjqg1mD_zD6jSnBipC7Xn0brDXeho-qCMgyZqQHIhQHvkPyUTWo2AZ_Va6vS5qdmREyPqj3DP7dA2tU-LmsaXM&google_hm=QXRhdWJtZWxrNWxYbDBvU1dXX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUIcX0n7YKjqg1mD_zD6jSnBipC7Xn0brDXeho-qCMgyZqQHIhQHvkPyUTWo2AZ_Va6vS5qdmREyPqj3DP7dA2tU-LmsaXM&google_hm=QXRhdWJtZWxrNWxYbDBvU1dXX1RHNHc=
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUIcX0n7YKjqg1mD_zD6jSnBipC7Xn0brDXeho-qCMgyZqQHIhQHvkPyUTWo2AZ_Va6vS5qdmREyPqj3DP7dA2tU-LmsaXM&google_hm=QXRhdWJtZWxrNWxYbDBvU1dXX1RHNHc=
Date
Thu, 06 May 2021 22:31:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame D693
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEE9sfYnE2PVsE8N53GKM0zk&google_cver=1&google_push=AQvitULJC3CHV9PTTpVpjdXIpMJPJ3hA7c-PJbupLklMJ7coNx9_99ycBsKe3pDleS1SQn0P8-tilu4Kj6k3i...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEE9sfYnE2PVsE8N53GKM0zk&google_push=AQvitULJC3CHV9PTTpVpjdXIpMJPJ3hA7c-PJbupLklMJ7coNx9_99ycBsKe3pDleS1SQn0P8-tilu4Kj6k3i...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitULJC3CHV9PTTpVpjdXIpMJPJ3hA7c-PJbupLklMJ7coNx9_99ycBsKe3pDleS1SQn0P8-tilu4Kj6k3i9KjCIk461QzTA&google_hm=NF8yXzhWQ042bEtnaUctTz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitULJC3CHV9PTTpVpjdXIpMJPJ3hA7c-PJbupLklMJ7coNx9_99ycBsKe3pDleS1SQn0P8-tilu4Kj6k3i9KjCIk461QzTA&google_hm=NF8yXzhWQ042bEtnaUctTzEtREs=
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:58 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitULJC3CHV9PTTpVpjdXIpMJPJ3hA7c-PJbupLklMJ7coNx9_99ycBsKe3pDleS1SQn0P8-tilu4Kj6k3i9KjCIk461QzTA&google_hm=NF8yXzhWQ042bEtnaUctTzEtREs=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
234
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D693
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEG0Z1JNwo2w3xAkVAk6qiqI&google_cver=1&google_push=AQvitUJt-Wf1IX_O_DFz369E6YjY7DWFef9N43OVkodu3ftE-OJo51guz0Y-1wgY2dEh9VBfmnnddbIxHbO8BQXn...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=44601a8f367ae8378395&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJt-Wf1IX_O_DFz369E6YjY7DWFef9N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=44601a8f367ae8378395&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJt-Wf1IX_O_DFz369E6YjY7DWFef9N43OVkodu3ftE-OJo51guz0Y-1wgY2dEh9VBfmnnddbIxHbO8BQXnnpEoqdxNPHY
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 06 May 2021 22:31:58 GMT
via
1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=44601a8f367ae8378395&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUJt-Wf1IX_O_DFz369E6YjY7DWFef9N43OVkodu3ftE-OJo51guz0Y-1wgY2dEh9VBfmnnddbIxHbO8BQXnnpEoqdxNPHY
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
FxcfKHCKtr9GUAR9lwiBMGzXTPGnUKuGK9Za7kkZYZM9smHk1pbifQ==
pixel
cm.g.doubleclick.net/ Frame D693
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBYY8hhxWfTCos8mSCxmCjs&google_cver=1&google_push=AQvitUJqyH-sMC5BNndguuIchfEr5z8nGCxlZcAXpZnZqJe8tOQk2AiQYiueuvFVzXFHVAjr0QJFoOBs8lDc0GN5CDF8DFO...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJqyH-sMC5BNndguuIchfEr5z8nGCxlZcAXpZnZqJe8tOQk2AiQYiueuvFVzXFHVAjr0QJFoOBs8lDc0GN5CDF8DFOb5IE1&google_hm=MjA0MDA4Nzk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJqyH-sMC5BNndguuIchfEr5z8nGCxlZcAXpZnZqJe8tOQk2AiQYiueuvFVzXFHVAjr0QJFoOBs8lDc0GN5CDF8DFOb5IE1&google_hm=MjA0MDA4NzkxODUxMTE0MzU5Nw==
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJqyH-sMC5BNndguuIchfEr5z8nGCxlZcAXpZnZqJe8tOQk2AiQYiueuvFVzXFHVAjr0QJFoOBs8lDc0GN5CDF8DFOb5IE1&google_hm=MjA0MDA4NzkxODUxMTE0MzU5Nw==
Date
Thu, 06 May 2021 22:31:55 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame D693 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JcXrZOu2-RaxBODqbjwiXdIfOSjVk0oUsrD87hduUemb0z6RNrIb0P5ZFG6CLWy7WK6pboPg
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210504/r20110914/ Frame E105 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210504/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgSFWAk6x3TtlX2WnT9SP6UAjVK600qyUDkHhFAJTrv9ymLY_-GZXC614TZCSRB4whkNZYbwCrZQxFsRydUVLwfNM_sCJbb5F8JGmCezHOv2RMEGoebupCCNpdGOjhH0zlU7kJEb5O6mkB793S2u0YViH6gQ&cry=1&dbm_d=AKAmf-Avfp6TJMnPafg8c8bsjw05pyj7Z1bFjgctb5nYHuPuGnlK5loVFSag5VJYRlpMZPXGjtSVHZHoWY0pSHMiPFE3nPD42uZlHlztz-aMMhQTEvuv1Ij940hdyqLPhApxtZjajXC04DCdtxDY2zzOGHQcVNBtGogIVLGPPTiMONW8Zm86-D7WiuqGAGBx6O07CNaclK19Fx20EA-yphdkNXORw34kwPVU4ZyBeLGBeUpfvDy5kLwb0unJ0RV_xaOOLhyHek-4JcGz9GE2aouTCa922IRKh3bVw5ywaPczoxqxYCv24IcflZSaZDsyg1W_y5FE6O0Vq-dCKXSyjLTxlnXz6PUSHlhNfqDh2L8YdktNi5Qb1ZvR6TzMeEgghfkvqPtrS4lKhYkg15eHI4heHjBYHuXNkGfx7xz_GpPSsdfgw-ax6ZOeFJoEjgY2MCepVq4Fl1I3h9Di6GBdSR-okLlZv7JGx17P43BQDnKuxiafKNM1bAeJHoOD6jvTglQMqh1YNux5VahUtiRy7cuQ-7fzAArtBMuJXDiK415j-0aHI1Nw5kS0V6W785XfRdq35rWTskoVAYngzQXfRY0lWKUdcSkHNgRbdFn5_GrSUCcAMFcUMwJ2aYGem4ntkmEdx0P5g94_Nglp4Yc5WHUsRTgu3YHKZXOdFn38WZY1iTnepVgwfk-qV4dYYmbPvEweUf27EI-8XZffI0ZJJ1J7KpTmMs90iHp6ozT5q0gnlCGQr4m_RDnz8QNJGp0yyMOfAFamw9RmYPjQQPyizjZNiRBMY9Fm8ia0FNBsUYvd0cEIdX23gj1fPs41SIpmpSDpn0XPRlhxrDUr1nxo0uQXB22wKV5fflgawqy8kc-I3pcTW4frFgYXpW40o89Er_HUSLYthPNfEnBwrlDvCOsM37tZAo4NVmRPLIay5L_BZ8VzWSN5xBC3l3RbZ2peHt_ejWze7D5NjFrbQ1FVJ0ovwAv81tdubcwGT7IYEjXfDdTQT5ZIMwvmbkzC2xHGCOrOurRNO0oYtHGdp-QYVV1HVZFSfw2YoObRuV6ruB6oxYzSQGxlMgvehFG9SOXtN61e4C-pem-JiX4w314QZsklms7dyCYROI6X4FyjwMnvLCUuxGCKcDqdg-Fkm0UjaJauRYtF9KNGiNlcCxlpad__Qjc_7pMwVSituG34rTQAXeLqItnVWMWOMe_sALsHRRfZW15xZ-qnYqxGy8VsJCJOHizdOh8aJV1uWvFiD06OLkTIrqBFpJGYs5x9SRnmeef1c_6GrWkNgEDxjgMmjKDBy1uxK1ycG8uxLZa-lRwHOksO7xZLfCrQF-V2xY2P3Ux7zO0Yqo3CfeyKdV3U4iaSEibpcPibECqKQ9xocrQHjoXB6X7-vVF8dLuHL5W1h_Xtl9PDYUsoxvnwtG0GmqaTYoo6cTV7HD6jpHW9UT-ZpCeMlFEJXvZW6zq4_iF7jIn_HXOO8GuprCInQjNEKP3VcVHhoYW24y-mH2wWbn8tfDUnKcMPZc-j34E6_Yh9tNRaauK0IIbnOvPkFmCbBlNOvy6SqoCM3pvymh13D1WJujG0jvdqogTmw0xtW2O3FpBp9KJqP2QStsxuQNqWDsTYwN208Q8qfykm0Sgun8MXVvDkYu51PpmTKiVhQvrElgPFMqoIHtM9FbHas0DLlBrvRjZsJy10cMFmMPcv3LgG-YxZLwtOjFUc1xUvRk-rdaPOHXZCUPZ8cxcoa4JdYmsZHgYXcguVKiTAdP44Sv-BcHqHeoQ9tqKwyGdJmEpUL3NG_ynTzb6WY03coi6P-gfJdkGsocPonlLXb6xNG_wBn5D3Jq95F2KKZB4pCsrtheGyVkUFXUYJN900lZfaNEsbTfgWw592CiZrn2WSqw1uPogNCYjmIKRrukpGrVNoHZQM5tqo8pir6LjjRhlTJdEWEvDkyo8ZjrVt2Jl88i6fJDqyTpZUvjQpU31ZuKRUgKuMl_OWjS_JIRCzhrOAObfgtV-3uA8Dl7xyBEXHs0NGj_0Bn6jh0UKbmfXuwaE3FDGRJODPV3ldWKamEZRLxmvd1hJVNz0XjYQ-Z8SXdzL_cQlEbJarbFOmJKGd3XiT0W_a3IGZuaHHajMMI2-HREL5383adG408t-IDuuEP6-MktrHh-xI96Hk4OLoVeTtvVHb8m4AJdMrL6taMDHdiXjKQ3-j2a1qiixq86xyS4M7VRv4QEVOJ5ZO8xZd3LBq7Ao9osxDgvM8__xeV99JzXT-z4OKIvB18sAOK6GCMAk5e3Ue7VbcbFMO_mLT1oW_aEpCAApFIPogjSCJ8fATkJcUGo7Ej6HLQTBElVrC-OuwlAUmn3OE0YyBOMP3Bi9DwmAuxlHEDzefzOrwhepBDBU6Ml8HDtg7mlTG06NNg29IIB7OiI34JJG7kDhxiRhU-ycCTu0yA3P9BWKUgqCmV-dbwI02zBH0T-VXQTDWfYur-r-Lfn5vmiD_VgMlCzHvLt1Y3DOCwyTbodRefn1noWa6TNU9nshtv2sMLSfzrUfLCvkrqMuD_87NE3qidyqPqMTre-i9H0nqAL6yTtpMMRA8PuyPWVyipMd8hYShd_MgWru_qFSXfqpccYuSC8rHI67aI3VdUK27H9aQ6gF0raifjPx-3tszlQPkTWSRS3sKDTJYr_ljCaBJ__aHk52u1ZmVOXr_BTcueUjCvywUrR5yy6pChE0MAiYHXKSGJnZYSeT5pKmbJf-6J4797qmOM97onvnvYJeANiISrmyDStqlyBTMTWMYdpXXZeN7labOTz-_w85NX8iBRgUPda2rUOfgf9B2v3wxyFDj01uWmV8vevVuK1lYNoE9ZIhCqoo30Vy12bDsjtKDq-DDe-Ynna24QrLyUCRdUKghHE24VVWx07VxL9Ol94upOVjKP52tq-s7pjbDTX7DrDwU_vIn1iAhdJYSTE2yasJkZnzLXyjnGm9Qfqot_FYlBZzl0dvV4QC9tIXy1rt1-UZRzNYAUfSuz7At44NQ-NpHCEuhDWwyZEo4h7ZFk2Vk2tL0HITPzBVxXYcAVNz3UbnM5Yrm-csDcHvuAES6CGsLUgGw7RjuFIxDsvUyJLiT9iJBT1YZvQKP_lEW6rB7U3nNn_iJx9HmZOoekNNkBCwyhZEGpN0pciJr1UFfOYQFYeEJBSwI0dJ2m31luCvgDycElD8As75riuDYe28ptGna9FrtjFf7-UsYZHjouG2xw4HbwzOI_Agm8uL60WUwP0qr9TvneLLmOP4Uw2q1zdGRzZ8t4rV1eDpHsPT_27b5F9U0RNmlqF9hmabEHiEYaAt_Ul673b4NJ6iVgXwgnC2DG-8100fgmy3h3cCQucCJpE1nsJmBKdGhiZEAHPTM0vtycwjJppVTFoFP437UhMEWG8zh5mz1kN9gDbqGttj0fLzFz_W2DBQ5gSMiTtX0iOXekoPtsWI3UBHM7dIdAsYyT059HRYsp2n96A9HYTI_w4lxTKdM8Jt9sq8Umbw&cid=CAASEuRo2B42yRIHYTnql7LZDFeweA&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea4adc7bca7ea4343c5a9c3d146970155a149f41fc70f47cf0977860d76e9d85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8627
x-xss-protection
0
server
cafe
etag
16525714399072181746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 May 2021 22:13:06 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E105 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgSFWAk6x3TtlX2WnT9SP6UAjVK600qyUDkHhFAJTrv9ymLY_-GZXC614TZCSRB4whkNZYbwCrZQxFsRydUVLwfNM_sCJbb5F8JGmCezHOv2RMEGoebupCCNpdGOjhH0zlU7kJEb5O6mkB793S2u0YViH6gQ&cry=1&dbm_d=AKAmf-Avfp6TJMnPafg8c8bsjw05pyj7Z1bFjgctb5nYHuPuGnlK5loVFSag5VJYRlpMZPXGjtSVHZHoWY0pSHMiPFE3nPD42uZlHlztz-aMMhQTEvuv1Ij940hdyqLPhApxtZjajXC04DCdtxDY2zzOGHQcVNBtGogIVLGPPTiMONW8Zm86-D7WiuqGAGBx6O07CNaclK19Fx20EA-yphdkNXORw34kwPVU4ZyBeLGBeUpfvDy5kLwb0unJ0RV_xaOOLhyHek-4JcGz9GE2aouTCa922IRKh3bVw5ywaPczoxqxYCv24IcflZSaZDsyg1W_y5FE6O0Vq-dCKXSyjLTxlnXz6PUSHlhNfqDh2L8YdktNi5Qb1ZvR6TzMeEgghfkvqPtrS4lKhYkg15eHI4heHjBYHuXNkGfx7xz_GpPSsdfgw-ax6ZOeFJoEjgY2MCepVq4Fl1I3h9Di6GBdSR-okLlZv7JGx17P43BQDnKuxiafKNM1bAeJHoOD6jvTglQMqh1YNux5VahUtiRy7cuQ-7fzAArtBMuJXDiK415j-0aHI1Nw5kS0V6W785XfRdq35rWTskoVAYngzQXfRY0lWKUdcSkHNgRbdFn5_GrSUCcAMFcUMwJ2aYGem4ntkmEdx0P5g94_Nglp4Yc5WHUsRTgu3YHKZXOdFn38WZY1iTnepVgwfk-qV4dYYmbPvEweUf27EI-8XZffI0ZJJ1J7KpTmMs90iHp6ozT5q0gnlCGQr4m_RDnz8QNJGp0yyMOfAFamw9RmYPjQQPyizjZNiRBMY9Fm8ia0FNBsUYvd0cEIdX23gj1fPs41SIpmpSDpn0XPRlhxrDUr1nxo0uQXB22wKV5fflgawqy8kc-I3pcTW4frFgYXpW40o89Er_HUSLYthPNfEnBwrlDvCOsM37tZAo4NVmRPLIay5L_BZ8VzWSN5xBC3l3RbZ2peHt_ejWze7D5NjFrbQ1FVJ0ovwAv81tdubcwGT7IYEjXfDdTQT5ZIMwvmbkzC2xHGCOrOurRNO0oYtHGdp-QYVV1HVZFSfw2YoObRuV6ruB6oxYzSQGxlMgvehFG9SOXtN61e4C-pem-JiX4w314QZsklms7dyCYROI6X4FyjwMnvLCUuxGCKcDqdg-Fkm0UjaJauRYtF9KNGiNlcCxlpad__Qjc_7pMwVSituG34rTQAXeLqItnVWMWOMe_sALsHRRfZW15xZ-qnYqxGy8VsJCJOHizdOh8aJV1uWvFiD06OLkTIrqBFpJGYs5x9SRnmeef1c_6GrWkNgEDxjgMmjKDBy1uxK1ycG8uxLZa-lRwHOksO7xZLfCrQF-V2xY2P3Ux7zO0Yqo3CfeyKdV3U4iaSEibpcPibECqKQ9xocrQHjoXB6X7-vVF8dLuHL5W1h_Xtl9PDYUsoxvnwtG0GmqaTYoo6cTV7HD6jpHW9UT-ZpCeMlFEJXvZW6zq4_iF7jIn_HXOO8GuprCInQjNEKP3VcVHhoYW24y-mH2wWbn8tfDUnKcMPZc-j34E6_Yh9tNRaauK0IIbnOvPkFmCbBlNOvy6SqoCM3pvymh13D1WJujG0jvdqogTmw0xtW2O3FpBp9KJqP2QStsxuQNqWDsTYwN208Q8qfykm0Sgun8MXVvDkYu51PpmTKiVhQvrElgPFMqoIHtM9FbHas0DLlBrvRjZsJy10cMFmMPcv3LgG-YxZLwtOjFUc1xUvRk-rdaPOHXZCUPZ8cxcoa4JdYmsZHgYXcguVKiTAdP44Sv-BcHqHeoQ9tqKwyGdJmEpUL3NG_ynTzb6WY03coi6P-gfJdkGsocPonlLXb6xNG_wBn5D3Jq95F2KKZB4pCsrtheGyVkUFXUYJN900lZfaNEsbTfgWw592CiZrn2WSqw1uPogNCYjmIKRrukpGrVNoHZQM5tqo8pir6LjjRhlTJdEWEvDkyo8ZjrVt2Jl88i6fJDqyTpZUvjQpU31ZuKRUgKuMl_OWjS_JIRCzhrOAObfgtV-3uA8Dl7xyBEXHs0NGj_0Bn6jh0UKbmfXuwaE3FDGRJODPV3ldWKamEZRLxmvd1hJVNz0XjYQ-Z8SXdzL_cQlEbJarbFOmJKGd3XiT0W_a3IGZuaHHajMMI2-HREL5383adG408t-IDuuEP6-MktrHh-xI96Hk4OLoVeTtvVHb8m4AJdMrL6taMDHdiXjKQ3-j2a1qiixq86xyS4M7VRv4QEVOJ5ZO8xZd3LBq7Ao9osxDgvM8__xeV99JzXT-z4OKIvB18sAOK6GCMAk5e3Ue7VbcbFMO_mLT1oW_aEpCAApFIPogjSCJ8fATkJcUGo7Ej6HLQTBElVrC-OuwlAUmn3OE0YyBOMP3Bi9DwmAuxlHEDzefzOrwhepBDBU6Ml8HDtg7mlTG06NNg29IIB7OiI34JJG7kDhxiRhU-ycCTu0yA3P9BWKUgqCmV-dbwI02zBH0T-VXQTDWfYur-r-Lfn5vmiD_VgMlCzHvLt1Y3DOCwyTbodRefn1noWa6TNU9nshtv2sMLSfzrUfLCvkrqMuD_87NE3qidyqPqMTre-i9H0nqAL6yTtpMMRA8PuyPWVyipMd8hYShd_MgWru_qFSXfqpccYuSC8rHI67aI3VdUK27H9aQ6gF0raifjPx-3tszlQPkTWSRS3sKDTJYr_ljCaBJ__aHk52u1ZmVOXr_BTcueUjCvywUrR5yy6pChE0MAiYHXKSGJnZYSeT5pKmbJf-6J4797qmOM97onvnvYJeANiISrmyDStqlyBTMTWMYdpXXZeN7labOTz-_w85NX8iBRgUPda2rUOfgf9B2v3wxyFDj01uWmV8vevVuK1lYNoE9ZIhCqoo30Vy12bDsjtKDq-DDe-Ynna24QrLyUCRdUKghHE24VVWx07VxL9Ol94upOVjKP52tq-s7pjbDTX7DrDwU_vIn1iAhdJYSTE2yasJkZnzLXyjnGm9Qfqot_FYlBZzl0dvV4QC9tIXy1rt1-UZRzNYAUfSuz7At44NQ-NpHCEuhDWwyZEo4h7ZFk2Vk2tL0HITPzBVxXYcAVNz3UbnM5Yrm-csDcHvuAES6CGsLUgGw7RjuFIxDsvUyJLiT9iJBT1YZvQKP_lEW6rB7U3nNn_iJx9HmZOoekNNkBCwyhZEGpN0pciJr1UFfOYQFYeEJBSwI0dJ2m31luCvgDycElD8As75riuDYe28ptGna9FrtjFf7-UsYZHjouG2xw4HbwzOI_Agm8uL60WUwP0qr9TvneLLmOP4Uw2q1zdGRzZ8t4rV1eDpHsPT_27b5F9U0RNmlqF9hmabEHiEYaAt_Ul673b4NJ6iVgXwgnC2DG-8100fgmy3h3cCQucCJpE1nsJmBKdGhiZEAHPTM0vtycwjJppVTFoFP437UhMEWG8zh5mz1kN9gDbqGttj0fLzFz_W2DBQ5gSMiTtX0iOXekoPtsWI3UBHM7dIdAsYyT059HRYsp2n96A9HYTI_w4lxTKdM8Jt9sq8Umbw&cid=CAASEuRo2B42yRIHYTnql7LZDFeweA&rfl=1%2Chttps%253A%252F%252Fstart.mybluelight.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 08:54:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135472
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 May 2022 08:54:03 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7D3C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 05 May 2021 08:58:54 GMT
expires
Thu, 05 May 2022 08:58:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
135181
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
pagead2.googlesyndication.com/bg/ Frame CC2D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 06:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
56997
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5663
x-xss-protection
0
expires
Fri, 06 May 2022 06:41:58 GMT
index.html
live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/ Frame 3C99 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/iframe/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
943143268deefecc556f378eea4ab1f0a6c576da0d776310d8068b1954b763f7

Request headers

:method
GET
:authority
live-tag.bannersnack.com
:scheme
https
:path
/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

content-type
text/html
content-length
3995
date
Thu, 06 May 2021 22:31:56 GMT
last-modified
Mon, 07 Dec 2020 14:06:42 GMT
etag
"e7ed9a134ad85e1f64c184dbf7e18040"
content-encoding
gzip
accept-ranges
bytes
server
AmazonS3
x-cache
Miss from cloudfront
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
vt92TmGzxPzFDiZCWsRi0IFtGED4VaYRsTfv47jaLsY7eWoIw3iAkg==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 810B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 06 May 2021 03:14:09 GMT
expires
Fri, 07 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
69466
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DEB2 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
befecbb3ee2737f4ce352fabb9721cc083002ddb875ff63fb787113421a41deb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1431 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 05 May 2021 08:58:54 GMT
expires
Thu, 05 May 2022 08:58:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
135181
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/ Frame 83D0 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/iframe/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
118a6ae711bf7dd4fb1ccab36fb393455c65c1731cc2f891c180b29227d176d7

Request headers

:method
GET
:authority
live-tag.bannersnack.com
:scheme
https
:path
/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

content-type
text/html
content-length
3957
date
Thu, 06 May 2021 22:31:56 GMT
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
etag
"ef4b17184de1a8fe3cccf985ca7aa092"
content-encoding
gzip
accept-ranges
bytes
server
AmazonS3
x-cache
Miss from cloudfront
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_hRcMIqY5Yt0h6YZRMO73LTMzh6Y3QPkWXRJDOutkU4CIPwWPSCbMg==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F29F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 06 May 2021 03:14:09 GMT
expires
Fri, 07 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
69466
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FEE4 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59b3db4b0458583d71e103e1f29b25d7bab634df12a0f31e5f1096a93ef5668a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DB3D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 05 May 2021 08:58:54 GMT
expires
Thu, 05 May 2022 08:58:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
135181
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/ Frame 65E5 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/iframe/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
118a6ae711bf7dd4fb1ccab36fb393455c65c1731cc2f891c180b29227d176d7

Request headers

:method
GET
:authority
live-tag.bannersnack.com
:scheme
https
:path
/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

content-type
text/html
content-length
3957
date
Thu, 06 May 2021 22:31:56 GMT
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
etag
"ef4b17184de1a8fe3cccf985ca7aa092"
content-encoding
gzip
accept-ranges
bytes
server
AmazonS3
x-cache
Miss from cloudfront
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
rxqmjThXvstB-W1w2iAhupd47h2cBK-bmavftwtzHGhOZ-fwt1Ja2g==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1D6B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 06 May 2021 03:14:09 GMT
expires
Fri, 07 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
69466
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E105 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8271f85ade371e892640ee4a692554c83298cdb194dd358b62b2ba94dbe0a071

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 810B
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEC0DaOqeAtiF7EcIbY97wLw&google_cver=1&google_push=AQvitUIef9NxKmLI-C51ViZo6A6jA8CSH_y6jofV-TvWOZztljBAINOTMGM9fkw50pUoItALaihpK...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUIef9NxKmLI-C51ViZo6A6jA8CSH_y6jofV-TvWOZztljBAINOTMGM9fkw50pUoItALaihpKN90e1EQ1VWU96wIW19jCmY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUIef9NxKmLI-C51ViZo6A6jA8CSH_y6jofV-TvWOZztljBAINOTMGM9fkw50pUoItALaihpKN90e1EQ1VWU96wIW19jCmY
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 06 May 2021 22:31:55 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUIef9NxKmLI-C51ViZo6A6jA8CSH_y6jofV-TvWOZztljBAINOTMGM9fkw50pUoItALaihpKN90e1EQ1VWU96wIW19jCmY
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
nuwyq+6afBbQx1Hw5CoAAA==
pixel
cm.g.doubleclick.net/ Frame 810B
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBM8Wm-xGmwpDsdpDyCKkKw&google_cver=1&google_push=AQvitUL9ghE7DUMyK5GQ851BxwWKNQ_SWusiMvBh8kjRmRuPz6O7dJdo1hyY9P88p8j9uex1UpUjQ1gMWB...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBM8Wm-xGmwpDsdpDyCKkKw&google_cver=1&google_push=AQvitUL9ghE7DUMyK5GQ851BxwWKNQ_SWusiMvBh8kjRmRuPz6O7dJdo1hyY9P88p8j9uex1UpUjQ1gMWB...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUL9ghE7DUMyK5GQ851BxwWKNQ_SWusiMvBh8kjRmRuPz6O7dJdo1hyY9P88p8j9uex1UpUjQ1gMWBYKwyZN6HHY4jKaiw&google_hm=MDMwMzAwMDFfNjA5NDZlN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUL9ghE7DUMyK5GQ851BxwWKNQ_SWusiMvBh8kjRmRuPz6O7dJdo1hyY9P88p8j9uex1UpUjQ1gMWBYKwyZN6HHY4jKaiw&google_hm=MDMwMzAwMDFfNjA5NDZlNWJhMGNlYg%3D%3D
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 06 May 2021 22:31:55 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUL9ghE7DUMyK5GQ851BxwWKNQ_SWusiMvBh8kjRmRuPz6O7dJdo1hyY9P88p8j9uex1UpUjQ1gMWBYKwyZN6HHY4jKaiw&google_hm=MDMwMzAwMDFfNjA5NDZlNWJhMGNlYg%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 810B
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGCWUpvvCsodkO3er16m97s&google_cver=1&google_push=AQvitUKI0o2n7272osiomacsCSOPhhE4YMk9c2h-0fxaHkN1P4HwIwfEwqxMeeyZCjvAjnj7LPssIjk12HyEbDWVZTVMHR4...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGCWUpvvCsodkO3er16m97s&google_cver=1&google_push=AQvitUKI0o2n7272osiomacsCSOPhhE4YMk9c2h-0fxaHkN1P4HwIwfEwqxMeeyZCjvAjnj7LPssIjk12HyEbDWVZTVMH...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKI0o2n7272osiomacsCSOPhhE4YMk9c2h-0fxaHkN1P4HwIwfEwqxMeeyZCjvAjnj7LPssIjk12HyEbDWVZTVMHR4uiuA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKI0o2n7272osiomacsCSOPhhE4YMk9c2h-0fxaHkN1P4HwIwfEwqxMeeyZCjvAjnj7LPssIjk12HyEbDWVZTVMHR4uiuA
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKI0o2n7272osiomacsCSOPhhE4YMk9c2h-0fxaHkN1P4HwIwfEwqxMeeyZCjvAjnj7LPssIjk12HyEbDWVZTVMHR4uiuA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 810B
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUJGZr20-WPsxEt0Jm1C9ZOnepZYTe1YepDJc9SFT4NBWDvIH2vV_nNAOXAJWbuviia-K07qcKhAfU...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJGZr20-WPsxEt0Jm1C9ZOnepZYTe1YepDJc9SFT4NBWDvIH2vV_nNAOXAJWbuviia-K07qcKhAfUl4LQoQ_5sfwD0_bg&google_hm=1d72639a-28ea-43a4-9c45...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJGZr20-WPsxEt0Jm1C9ZOnepZYTe1YepDJc9SFT4NBWDvIH2vV_nNAOXAJWbuviia-K07qcKhAfUl4LQoQ_5sfwD0_bg&google_hm=1d72639a-28ea-43a4-9c45-a45ddcd9c5bf
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:55 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJGZr20-WPsxEt0Jm1C9ZOnepZYTe1YepDJc9SFT4NBWDvIH2vV_nNAOXAJWbuviia-K07qcKhAfUl4LQoQ_5sfwD0_bg&google_hm=1d72639a-28ea-43a4-9c45-a45ddcd9c5bf
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 810B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEF1SVWgMZ44sDJtutDFLVPg&google_cver=1&google_push=AQvitUJ2jhgj8G9ssfLa1I3T1bGwiyI83Z62MtZ1491AB4ThqO2LaGfOOzF7ClEUQFKDEpmzHtHosS...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJ2jhgj8G9ssfLa1I3T1bGwiyI83Z62MtZ1491AB4ThqO2LaGfOOzF7ClEUQFKDEpmzHtHosSFxrACWfGagAZSe2tuBdA&google_hm=NTkxMDg1NTg0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJ2jhgj8G9ssfLa1I3T1bGwiyI83Z62MtZ1491AB4ThqO2LaGfOOzF7ClEUQFKDEpmzHtHosSFxrACWfGagAZSe2tuBdA&google_hm=NTkxMDg1NTg0OTc0ODY3MDM3NQ%3D%3D
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJ2jhgj8G9ssfLa1I3T1bGwiyI83Z62MtZ1491AB4ThqO2LaGfOOzF7ClEUQFKDEpmzHtHosSFxrACWfGagAZSe2tuBdA&google_hm=NTkxMDg1NTg0OTc0ODY3MDM3NQ%3D%3D
date
Thu, 06 May 2021 22:31:58 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 810B
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESECYg2wfmhnGsRI5AK-vEWXU&google_cver=1&google_push=AQvitULqHwCZYRztg_9vC5SAHz8snDCLLDWMS0MxoZm5Cdjye5IilFeNlKKbdAxHonmgbQEFTuYpkKlxsudD4nvTb...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ODA4YTk0NWItNjhkMC00MzgzLWJhOWUtYTRhNGE1YTNjMzZj&google_push=AQvitULqHwCZYRztg_9vC5SAHz8snDCLLDWMS0MxoZm5Cdjye5IilFeNlKKbdAxH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ODA4YTk0NWItNjhkMC00MzgzLWJhOWUtYTRhNGE1YTNjMzZj&google_push=AQvitULqHwCZYRztg_9vC5SAHz8snDCLLDWMS0MxoZm5Cdjye5IilFeNlKKbdAxHonmgbQEFTuYpkKlxsudD4nvTbxn_vJG-R7G9
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ODA4YTk0NWItNjhkMC00MzgzLWJhOWUtYTRhNGE1YTNjMzZj&google_push=AQvitULqHwCZYRztg_9vC5SAHz8snDCLLDWMS0MxoZm5Cdjye5IilFeNlKKbdAxHonmgbQEFTuYpkKlxsudD4nvTbxn_vJG-R7G9
date
Thu, 06 May 2021 22:31:58 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 810B
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBYY8hhxWfTCos8mSCxmCjs&google_cver=1&google_push=AQvitUJT5NKmsiiT_bzy-Cvn1B7CRjx0w4ffcLF1i8DaZ0tyzZQSJYceCVOvbc_VE0pE9YP_4KAWhQkCAXNRjuQrNjo81jT...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJT5NKmsiiT_bzy-Cvn1B7CRjx0w4ffcLF1i8DaZ0tyzZQSJYceCVOvbc_VE0pE9YP_4KAWhQkCAXNRjuQrNjo81jTja-s&google_hm=MjA0MDA4Nzkx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJT5NKmsiiT_bzy-Cvn1B7CRjx0w4ffcLF1i8DaZ0tyzZQSJYceCVOvbc_VE0pE9YP_4KAWhQkCAXNRjuQrNjo81jTja-s&google_hm=MjA0MDA4NzkxODUxMTE0MzU5Nw==
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJT5NKmsiiT_bzy-Cvn1B7CRjx0w4ffcLF1i8DaZ0tyzZQSJYceCVOvbc_VE0pE9YP_4KAWhQkCAXNRjuQrNjo81jTja-s&google_hm=MjA0MDA4NzkxODUxMTE0MzU5Nw==
Date
Thu, 06 May 2021 22:31:55 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 810B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYy-g2HLjU6VxJ_W9HmCZ7vi2OV7fKA0ZNH2-C5xE3g3aGnioCWx_RExAd4U55FuRiI6UAWwo
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
pagead2.googlesyndication.com/bg/ Frame 7D3C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 06:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
56997
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5663
x-xss-protection
0
expires
Fri, 06 May 2022 06:41:58 GMT
v1
prebid.digitru.st/id/ Frame AD6C 		0
0
csi
csi.gstatic.com/ Frame 8CE8 		0
331 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kodgsc9g&c=3643636286730&slotId=1821818143365&qqid=COK6m4eOtvACFZqy3godCiAAvw&gqid=W26UYMjSCcSN7gPA_bewDA&fb=ima-html5&sdkv=h.3.454.1&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=18x18&vmfc=1&vhc=0&wta=1&hghme=1&ghmsh_eids=21064201&met.4=ghmsh_s.kodgsd3x~ghmsh_s.kodgsd3y&ghmsh_mi=22%2C18%2C22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=tASCC0TeQHF1peuk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.454.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F29F
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMwz4Ad2ZwbRzNYZ51LpNC0&google_cver=1&google_push=AQvitUKpSDyRiH_rM8XQWMyMd8sxwcFR1ZXLso-VYDCXv6hqpGDJefAJ_uTsI2Pffvvol2y08s4m3jM0-sH...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKpSDyRiH_rM8XQWMyMd8sxwcFR1ZXLso-VYDCXv6hqpGDJefAJ_uTsI2Pffvvol2y08s4m3jM0-sHAaJeQm3EeiLhuJa_K&google_hm=vHLmyHjsQ-CqT0FwIYL8yFQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKpSDyRiH_rM8XQWMyMd8sxwcFR1ZXLso-VYDCXv6hqpGDJefAJ_uTsI2Pffvvol2y08s4m3jM0-sHAaJeQm3EeiLhuJa_K&google_hm=vHLmyHjsQ-CqT0FwIYL8yFQ
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKpSDyRiH_rM8XQWMyMd8sxwcFR1ZXLso-VYDCXv6hqpGDJefAJ_uTsI2Pffvvol2y08s4m3jM0-sHAaJeQm3EeiLhuJa_K&google_hm=vHLmyHjsQ-CqT0FwIYL8yFQ
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F29F 		0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMKAIk-xCllA_WxphwAJqyw&google_cver=1&google_push=AQvitULN45WvoLpYrq1fYENyjGOCYKGvhHldrfYBX5Js4rQrsnPB__MhxCTFCSQzyF9oJjoK_79kKpFmzyXlXD6yMRADYqBGQUYt
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:57 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame F29F
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESELSuw8SPRz7ORIOg3YPncc4&google_cver=1&google_push=AQvitUJ3sC7oWwsu1FYhkFVTuv-q65WRnSRUhZBk964xW3cy-onDt_Qo34mKSjDy6BN_usCrdlHXMd4wDYcQWJKtVp2EvQRrP9Ax
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TkR2VDZ1VEtBUS1BNncxd1htNlVZQQ%3D%3D&google_push=AQvitUJ3sC7oWwsu1FYhkFVTuv-q65WRnSRUhZBk964xW3cy-onDt_Qo34mKSjDy6BN_usCrdlHXMd4wDYcQW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TkR2VDZ1VEtBUS1BNncxd1htNlVZQQ%3D%3D&google_push=AQvitUJ3sC7oWwsu1FYhkFVTuv-q65WRnSRUhZBk964xW3cy-onDt_Qo34mKSjDy6BN_usCrdlHXMd4wDYcQWJKtVp2EvQRrP9Ax
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=TkR2VDZ1VEtBUS1BNncxd1htNlVZQQ%3D%3D&google_push=AQvitUJ3sC7oWwsu1FYhkFVTuv-q65WRnSRUhZBk964xW3cy-onDt_Qo34mKSjDy6BN_usCrdlHXMd4wDYcQWJKtVp2EvQRrP9Ax
date
Thu, 06 May 2021 22:31:58 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame F29F
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGCWUpvvCsodkO3er16m97s&google_cver=1&google_push=AQvitUKFVVA5Iqthk1QF1gjwgqzo53i6RMSFzvZXSNuyAbuWqFJvKLIEnfXW78vLtPgE6m2EdxLeUa8rRnRu0QjtT4LWTE-...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGCWUpvvCsodkO3er16m97s&google_cver=1&google_push=AQvitUKFVVA5Iqthk1QF1gjwgqzo53i6RMSFzvZXSNuyAbuWqFJvKLIEnfXW78vLtPgE6m2EdxLeUa8rRnRu0QjtT4LWT...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKFVVA5Iqthk1QF1gjwgqzo53i6RMSFzvZXSNuyAbuWqFJvKLIEnfXW78vLtPgE6m2EdxLeUa8rRnRu0QjtT4LWTE-nzkT3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKFVVA5Iqthk1QF1gjwgqzo53i6RMSFzvZXSNuyAbuWqFJvKLIEnfXW78vLtPgE6m2EdxLeUa8rRnRu0QjtT4LWTE-nzkT3
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUKFVVA5Iqthk1QF1gjwgqzo53i6RMSFzvZXSNuyAbuWqFJvKLIEnfXW78vLtPgE6m2EdxLeUa8rRnRu0QjtT4LWTE-nzkT3
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame F29F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGU_8k2ZRJ_GCo5K6wLP8hU&google_cver=1&google_push=AQvitUKPoqloJauXGq6ZMWCVg8Xv-xRU1dqKNq1vvWSXcJH72Zt4V6ZrL3k0qTm6VApOnCsf0XH...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ER1NBUlgtMVAtSFQzNQ==&google_push=AQvitUKPoqloJauXGq6ZMWCVg8Xv-xRU1dqKNq1vvWSXcJH72Zt4V6ZrL3k0qTm6VApOnCsf0XHWs9kU478OpPPYyAy7b5F4JDkj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ER1NBUlgtMVAtSFQzNQ==&google_push=AQvitUKPoqloJauXGq6ZMWCVg8Xv-xRU1dqKNq1vvWSXcJH72Zt4V6ZrL3k0qTm6VApOnCsf0XHWs9kU478OpPPYyAy7b5F4JDkj
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ER1NBUlgtMVAtSFQzNQ==&google_push=AQvitUKPoqloJauXGq6ZMWCVg8Xv-xRU1dqKNq1vvWSXcJH72Zt4V6ZrL3k0qTm6VApOnCsf0XHWs9kU478OpPPYyAy7b5F4JDkj
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame F29F
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGoowKIWkiCHEUJq6IzmpxM&google_cver=1&google_push=AQvitUIuFpdaxEUCLJ7u__wuDZoBzC26DfBtjOnWbnLJ9juTh9gEU9CHcrUghg9cFQ9juYiYMFqw1LFsTdTuwa...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=czAwRG5WZDdGWA==&google_push=AQvitUIuFpdaxEUCLJ7u__wuDZoBzC26DfBtjOnWbnLJ9juTh9gEU9CHcrUghg9cFQ9juYiYMFqw1LFsTdTuwag77ZNcE6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=czAwRG5WZDdGWA==&google_push=AQvitUIuFpdaxEUCLJ7u__wuDZoBzC26DfBtjOnWbnLJ9juTh9gEU9CHcrUghg9cFQ9juYiYMFqw1LFsTdTuwag77ZNcE6vPzR0
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=czAwRG5WZDdGWA==&google_push=AQvitUIuFpdaxEUCLJ7u__wuDZoBzC26DfBtjOnWbnLJ9juTh9gEU9CHcrUghg9cFQ9juYiYMFqw1LFsTdTuwag77ZNcE6vPzR0
date
Thu, 06 May 2021 22:31:58 GMT
via
1.1 google
server
CookieSync Powered by Vdopia
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame F29F
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESECHuog64XLYRtOyCGyZ_YlU&google_cver=1&google_push=AQvitUJVvNESFk3HhjWAo1qR3jsQ4MffE3LQCVB6FBJRNct3_j97Z_vRt9suH9fNmKKJOQgh-9Rhq500uABz0HLqG...
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Dc4248c1f-ddb3-4721-87ab-f9366f79baf9%26google_push%3DAQvitUJVvNESFk3HhjWAo1qR3jsQ4...
  • https://tech.rtb.mts.ru/?dsp_uid=c4248c1f-ddb3-4721-87ab-f9366f79baf9&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Dc4248c1f-ddb3-4721-87ab-f9366f79baf9%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=c4248c1f-ddb3-4721-87ab-f9366f79baf9&google_push=AQvitUJVvNESFk3HhjWAo1qR3jsQ4MffE3LQCVB6FBJRNct3_j97Z_vRt9suH9fNmKKJOQgh-9Rhq500uABz0H...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=c4248c1f-ddb3-4721-87ab-f9366f79baf9&google_push=AQvitUJVvNESFk3HhjWAo1qR3jsQ4MffE3LQCVB6FBJRNct3_j97Z_vRt9suH9fNmKKJOQgh-9Rhq500uABz0HLqGnZIEFV6vyaR
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 06 May 2021 22:31:56 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=c4248c1f-ddb3-4721-87ab-f9366f79baf9&google_push=AQvitUJVvNESFk3HhjWAo1qR3jsQ4MffE3LQCVB6FBJRNct3_j97Z_vRt9suH9fNmKKJOQgh-9Rhq500uABz0HLqGnZIEFV6vyaR
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
attr
cm.g.doubleclick.net/pixel/ Frame F29F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JehllX2966Dtp9d-wnBPS88COXJKyn-tqmhp8jAx9UGmFZvyWbe8AS97mWdD676-f_BL0pQw
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
pagead2.googlesyndication.com/bg/ Frame 1431 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 06:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
56997
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5663
x-xss-protection
0
expires
Fri, 06 May 2022 06:41:58 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1D6B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECW7Z4wqyF9nIR8zUe4VcMw&google_cver=1&google_push=AQvitUJPAZF78dxOp1Zg6F7udBzEtAlQVEpK0h9OCcS07DryUGaeEhZsEFzvqeaFfbOgc5f1aoRp1JiQZv6mBdSMFhYie4lxz-4
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU2NjM1MDg4OTA2NjE1MzI2Nw==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECW7Z4wqyF9nIR8zUe4VcMw&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECW7Z4wqyF9nIR8zUe4VcMw&google_cver=1
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECW7Z4wqyF9nIR8zUe4VcMw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D6B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBE9_TFYiXlqEtjL4dC52Wg&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBE9_TFYiXlqEtjL4dC52Wg&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a1lBRk82RXcxTEVNeG81&google_gid=CAESEBE9_TFYiXlqEtjL4dC52Wg&google_cver=1&google_push=AQvitUI2VJTEM_n7WAPljM1eBfFf00cRFg0gUJSsKpeUEDF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a1lBRk82RXcxTEVNeG81&google_gid=CAESEBE9_TFYiXlqEtjL4dC52Wg&google_cver=1&google_push=AQvitUI2VJTEM_n7WAPljM1eBfFf00cRFg0gUJSsKpeUEDFBUmzig6fJ_hp9Xfuzd_zgKxyFbESVK-JRjx1Y6YwSdmwx2OESYsQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:06 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-04527eea692282deb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a1lBRk82RXcxTEVNeG81&google_gid=CAESEBE9_TFYiXlqEtjL4dC52Wg&google_cver=1&google_push=AQvitUI2VJTEM_n7WAPljM1eBfFf00cRFg0gUJSsKpeUEDFBUmzig6fJ_hp9Xfuzd_zgKxyFbESVK-JRjx1Y6YwSdmwx2OESYsQ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D6B
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBM8Wm-xGmwpDsdpDyCKkKw&google_cver=1&google_push=AQvitUKKwgQFyXaM-fc3lYzMIIu_mzVBF_0Gnaorce41P-BbUCrFx_dwivp_4b8X4JkekX__qRrOb-9XrT...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBM8Wm-xGmwpDsdpDyCKkKw&google_cver=1&google_push=AQvitUKKwgQFyXaM-fc3lYzMIIu_mzVBF_0Gnaorce41P-BbUCrFx_dwivp_4b8X4JkekX__qRrOb-9XrT...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKKwgQFyXaM-fc3lYzMIIu_mzVBF_0Gnaorce41P-BbUCrFx_dwivp_4b8X4JkekX__qRrOb-9XrTEGtO0Q6nJAMzFxqSU&google_hm=MDMwMzAwMDFfNjA5NDZl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKKwgQFyXaM-fc3lYzMIIu_mzVBF_0Gnaorce41P-BbUCrFx_dwivp_4b8X4JkekX__qRrOb-9XrTEGtO0Q6nJAMzFxqSU&google_hm=MDMwMzAwMDFfNjA5NDZlNWJhMGNlYg%3D%3D
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 06 May 2021 22:31:55 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKKwgQFyXaM-fc3lYzMIIu_mzVBF_0Gnaorce41P-BbUCrFx_dwivp_4b8X4JkekX__qRrOb-9XrTEGtO0Q6nJAMzFxqSU&google_hm=MDMwMzAwMDFfNjA5NDZlNWJhMGNlYg%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 1D6B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMfFMrCPUj4VFGnkULWK32c&google_cver=1&google_push=AQvitUJXpDtM7yHsR1kvol9Jm9c4JhmMjBjfRiYJbGkMV1M4OkGOs8cNH8m5zJPn3rTh-ReuuTytWS9SyiH8F1-...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tHB46TA1RBN1CogKdmN081uEiFQ&google_push=AQvitUJXpDtM7yHsR1kvol9Jm9c4JhmMjBjfRiYJbGkMV1M4OkGOs8cNH8m5zJPn3rTh-ReuuTytWS9SyiH8F1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tHB46TA1RBN1CogKdmN081uEiFQ&google_push=AQvitUJXpDtM7yHsR1kvol9Jm9c4JhmMjBjfRiYJbGkMV1M4OkGOs8cNH8m5zJPn3rTh-ReuuTytWS9SyiH8F1-WnL7l_B617Oo
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tHB46TA1RBN1CogKdmN081uEiFQ&google_push=AQvitUJXpDtM7yHsR1kvol9Jm9c4JhmMjBjfRiYJbGkMV1M4OkGOs8cNH8m5zJPn3rTh-ReuuTytWS9SyiH8F1-WnL7l_B617Oo
Date
Thu, 06 May 2021 22:32:03 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 1D6B
Redirect Chain
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEENPyAwdtEjmQPd1igrN2u4&google_cver=1&google_push=AQvitUJBW84AHe3kewTZFsDrCMPOnSo8JHsgKVs5TNe73O3t0ETcv9EBjOrmwPX2Zq_F6dRbMzBcqfFSlai9K7BJW3RAoDw...
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=X3FZc1BuS3hfUk9C&google_ula=2046794&google_push=AQvitUJBW84AHe3kewTZFsDrCMPOnSo8JHsgKVs5TNe73O3t0ETcv9EBjOrmwPX2Zq_F6dRbMzBcqfFSla...
170 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=X3FZc1BuS3hfUk9C&google_ula=2046794&google_push=AQvitUJBW84AHe3kewTZFsDrCMPOnSo8JHsgKVs5TNe73O3t0ETcv9EBjOrmwPX2Zq_F6dRbMzBcqfFSlai9K7BJW3RAoDwsQzM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=X3FZc1BuS3hfUk9C&google_ula=2046794&google_push=AQvitUJBW84AHe3kewTZFsDrCMPOnSo8JHsgKVs5TNe73O3t0ETcv9EBjOrmwPX2Zq_F6dRbMzBcqfFSlai9K7BJW3RAoDwsQzM
Date
Thu, 06 May 2021 22:32:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
sync
dsp.adkernel.com/ Frame 1D6B 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEHZ8Ar_a5YQooA4Bwq3CFXs&google_cver=1&google_push=AQvitUIr7wPvWxqFzHogHARBd6-N9e5QuJRzFvEqC-jxJK1Ie18YWdIUSYcmVs30YEkzQ8Po37Y7w4kivf9FTF2f_3Ekag866g
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:11 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 1D6B
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBYY8hhxWfTCos8mSCxmCjs&google_cver=1&google_push=AQvitUKbM8WsbPKSp3JA2SJkEt5ZAm-3iN7A7MOaEq0SV94_OcOScijHEq5BPNQxNu6qPy6_dLmZhnTaaoPFYWDaOCXmEml...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUKbM8WsbPKSp3JA2SJkEt5ZAm-3iN7A7MOaEq0SV94_OcOScijHEq5BPNQxNu6qPy6_dLmZhnTaaoPFYWDaOCXmEmlD1Mc2&google_hm=MjA0MDA4Nzk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUKbM8WsbPKSp3JA2SJkEt5ZAm-3iN7A7MOaEq0SV94_OcOScijHEq5BPNQxNu6qPy6_dLmZhnTaaoPFYWDaOCXmEmlD1Mc2&google_hm=MjA0MDA4NzkxODUxMTE0MzU5Nw==
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUKbM8WsbPKSp3JA2SJkEt5ZAm-3iN7A7MOaEq0SV94_OcOScijHEq5BPNQxNu6qPy6_dLmZhnTaaoPFYWDaOCXmEmlD1Mc2&google_hm=MjA0MDA4NzkxODUxMTE0MzU5Nw==
Date
Thu, 06 May 2021 22:31:55 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 1D6B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kw9bloYTtI5Y1wN8TKVndUY2wbZMsW89kDFgC120JP9J0b9i2R0TKjkR1fvrgO32TUUYR7qg
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
pagead2.googlesyndication.com/bg/ Frame DB3D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 06:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
56997
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5663
x-xss-protection
0
expires
Fri, 06 May 2022 06:41:58 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 237D 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
129695
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Wed, 05 May 2021 10:30:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 May 2022 10:30:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 237D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
392397
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Sun, 02 May 2021 09:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 May 2022 09:31:58 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 237D 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
392397
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Sun, 02 May 2021 09:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 May 2022 09:31:58 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 237D 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
392397
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Sun, 02 May 2021 09:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 May 2022 09:31:58 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 237D 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
392397
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Sun, 02 May 2021 09:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 May 2022 09:31:58 GMT
css
fonts.googleapis.com/ Frame 237D 		4 KB
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 May 2021 21:05:03 GMT
server
ESF
date
Thu, 06 May 2021 22:31:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 May 2021 22:31:55 GMT
css
fonts.googleapis.com/ Frame 237D 		4 KB
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 May 2021 21:40:39 GMT
server
ESF
date
Thu, 06 May 2021 22:31:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 May 2021 22:31:55 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 237D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
28501
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 07 May 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 237D 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
890
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 07 May 2021 22:17:05 GMT
truncated
/ Frame 237D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d7606a48d4c12cc2d0ef09401ec46db53d8424be1d0805534d7712441dbef20

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/15275529603737827354/ Frame 237D 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15275529603737827354/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qkgYIGcR9mirWqhO_XWWbzYkn4IkA
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bd6d21ff95b42fa7bb0132bce824ea7dd68f7743c9526b64389b06a172f758a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 22:38:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 Jan 2021 08:00:48 GMT
server
sffe
age
85998
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21101
x-xss-protection
0
expires
Thu, 05 May 2022 22:38:37 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 237D 		1 KB
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 09:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221428
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 May 2022 09:01:27 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 237D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWferW26UYI--DNLigQffnLGQDKbPpb1izIXa4dsN9OWM3p4OEAEgkuvNImD1lc6B4ASgAfn26cECyAEGqQKZ6G7ZRneyPuACAKgDAcgDCqoElgJP0LP9vlYv9FoWBO5U0Y_TYFo3-EF29fdczltkpO4ofG5E5gGmwaCXZa7vI4uVUtR3hhIZF_vRZblPfEiuvQVayoZoRywiAQAmANBzoVZ-cWDWWcVzKYtkRzF4tmF_h8lhjBRMFeDWPKTseQF1Ub2w7_yfoCFHt_Wap-1aKFSFzAxwKnsAjGhVpKJ97GzBOpW9eQd9Iws-N6ZxG02vaTKyg8botVi7aAEHBDD3TYfhplmHmcW6y54T338pEqnoXsXiG5I-uY5gkSAyr0HzMrWJ48d85Zzrju0ymIz9GJaKSq9MojMqMdT66b1wZVtgjxoCFrmhB80SX9bUn8nLh-Rd-1tbHZVzad_Jd-i0K0IkDbdE7vd7GcAExdadh7UD4AQBkgUECAQYAZIFBAgFGASgBjeAB--Ilr4BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEI7EONIIBwiAYRABGB3yCBthZHgtc3Vic3luLTcwMDkwNDgwNjI4NTY2NDeACgPICwHYEw2IFAHQFQGAFwGyFxoKGAgAEhRwdWItOTU1NzA4OTUxMDQwNTQyMg&sigh=1Qwbv7ndiXE&template_id=492
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 237D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHQLXm2SsSDg9qcMC5o8YlLnS6konsjjHkNgNKcJ4nO723E9DOROEYHyC9t7Oql40j9IEyUxkWflfVVlSg_jtnxCjNZw
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame AB53 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51e693464802def15c11c473adf9e56ad2d9e48ae0080f01970967a79f96d5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7575
x-xss-protection
0
ao
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:31:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 237D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://start.mybluelight.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
74903
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 06 May 2022 01:43:32 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 237D 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://start.mybluelight.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 00:12:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
253184
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 04 May 2022 00:12:11 GMT
gm_help_outline_white_24dp.png
fonts.gstatic.com/s/i/googlematerialicons/help_outline/v6/white-24dp/1x/ Frame 8CE8 		412 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/googlematerialicons/help_outline/v6/white-24dp/1x/gm_help_outline_white_24dp.png
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a628979bbae350718233d3a7bca320732305a1b56187a2d61ef43510de5c4825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 21:49:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 2020 06:06:13 GMT
server
sffe
age
261725
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
412
x-xss-protection
0
expires
Tue, 03 May 2022 21:49:50 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8CE8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtziRW26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpwJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3TTlOBQtb5TpN4CYdAoCyczjN0pzLjex9reYwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaaCaQBaHR0cHM6Ly93d3cuaW50ZXJkaXNjb3VudC5jaC9kZS9tb2JpbHRlbGVmb24tdGFibGV0LXdlYXJhYmxlcy9tb2JpbHRlbGVmb24vbW9iaWx0ZWxlZm9uZS0tYzQxMTAwMC9zYW1zdW5nLWdhbGF4eS1hNTEtNi01LTEyOC1nYi00OC1tcC1wcmlzbS1jcnVzaC1ibGFjay0tcDAwMDIxMDk5OTKxCYAwQivRJz32gAoDyAsB0AsO4AsBuAwB2BMN0BUB4hYCCAGAFwE&sigh=ZsJ7fRQbZmA&label=show_ad&acvw=&sdkv=h.3.454.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3MzExNDk0NDcxMTIMNTE4MDU1MjUxOTcwQNwCUh0QDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 8CE8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CC0EzW26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpAJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3WzkggAlTQrnpSB-4Sn9XKgcpT-AlHypwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG9gHAfIHBBDM7iioCAHSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi02NTA4NTczODU0MDk4Njg2gAoDyAsBwhMGGO3xtdoD2BMN0BUB4hYCCAGAFwGyFxoKGAgAEhRwdWItMTkyOTYxNTY5NDM3MzEwMw&sigh=AVWUV-dKnyc&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&vt=10&sdkv=h.3.454.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3MzExNDk0NDcxMTIMNTE4MDU1MjUxOTcwQNwCUh0QDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
hqdefault.jpg
i.ytimg.com/vi/vrSkrZv08sk/ Frame 8CE8 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/vrSkrZv08sk/hqdefault.jpg
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e4d181fe3c347b68134636dd500d294e60dbe66357a83bfa32c78a957cd34d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 20:39:11 GMT
x-content-type-options
nosniff
server
sffe
age
6764
etag
"1619532933"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14771
x-xss-protection
0
expires
Thu, 06 May 2021 22:39:11 GMT
truncated
/ Frame 8CE8 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AB53 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 06 May 2021 22:31:55 GMT
csi
csi.gstatic.com/ Frame D9A3 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kodgsc2t&c=3643636286730&slotId=1821818143365&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CE8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.454.1&e=21064201&id=ima_html5&c=3607165506182372&domain=start.mybluelight.com
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 237D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 06 May 2021 22:31:55 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
5f1168f467fe453203bf5e94251e266a.js
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/ Frame 87E7 		83 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70deb9da89eb540d2fa684a9306a1bbceb600fb6e4d83bb348b8d4387fb53efa

Request headers

Referer
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:25:46 GMT
content-encoding
gzip
last-modified
Mon, 07 Dec 2020 13:46:18 GMT
server
AmazonS3
age
32770
etag
"e9337589164f70d1d2400c1fcce0b739"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
21968
x-amz-cf-id
TzZRTjpp00ojTH1SUJG7zwpetVMYflrkNIAyVLLe6WuypOKfJEVJ2A==
videoplayback
r2---sn-4g5ednld.googlevideo.com/
Redirect Chain
  • https://r1---sn-1gieen7e.googlevideo.com/videoplayback?expire=1620369115&ei=W26UYOyIF8bBgQfJzoG4Bw&ip=91.132.136.84&id=beb4a4ad9bf4f2c9&itag=22&source=youtube&requiressl=yes&mh=M0&mm=31&mn=sn-1giee...
  • https://r2---sn-4g5ednld.googlevideo.com/videoplayback?expire=1620369115&ei=W26UYOyIF8bBgQfJzoG4Bw&ip=91.132.136.84&id=beb4a4ad9bf4f2c9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednld.googlevideo.com/videoplayback?expire=1620369115&ei=W26UYOyIF8bBgQfJzoG4Bw&ip=91.132.136.84&id=beb4a4ad9bf4f2c9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=19.086&lmt=1619700667255134&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOFuWkhM6B00HgFYaBlYLbV8VImvrf6hjlqoSpkKSGnxAiEA-XVWV_n8hCGZyHzVcjjlPG5_wqD8ls2b0bpVglUTj5M=&cpn=tASCC0TeQHF1peuk&redirect_counter=1&rm=sn-1gies7e&req_id=a145b8df4e0136e2&cms_redirect=yes&ipbypass=yes&mh=M0&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednld&ms=au&mt=1620339894&mv=m&mvi=2&pl=50&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPL_xptUb2TLvos6D5xjKxPAQgGPgSz3EBwNJjV4Non5AiBFG1G-kmvXcwV2b0Dxd37t5UiX2MhLcTjediz5bsJnxg%3D%3D
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:5d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
2e78ffdd3c17b33f4c5393f6dc5a7871f975325c75b9c9aa9e1f965dd33dbd25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 29 Apr 2021 12:51:07 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1449987/1449988
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1449988
Expires
Thu, 06 May 2021 22:31:56 GMT

Redirect headers

Date
Thu, 06 May 2021 22:31:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://r2---sn-4g5ednld.googlevideo.com/videoplayback?expire=1620369115&ei=W26UYOyIF8bBgQfJzoG4Bw&ip=91.132.136.84&id=beb4a4ad9bf4f2c9&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=19.086&lmt=1619700667255134&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOFuWkhM6B00HgFYaBlYLbV8VImvrf6hjlqoSpkKSGnxAiEA-XVWV_n8hCGZyHzVcjjlPG5_wqD8ls2b0bpVglUTj5M=&cpn=tASCC0TeQHF1peuk&redirect_counter=1&rm=sn-1gies7e&req_id=a145b8df4e0136e2&cms_redirect=yes&ipbypass=yes&mh=M0&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednld&ms=au&mt=1620339894&mv=m&mvi=2&pl=50&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPL_xptUb2TLvos6D5xjKxPAQgGPgSz3EBwNJjV4Non5AiBFG1G-kmvXcwV2b0Dxd37t5UiX2MhLcTjediz5bsJnxg%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Thu, 06 May 2021 22:31:56 GMT
sv
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sv?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:31:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
downsize_200k_v1
tpc.googlesyndication.com/simgad/15275529603737827354/ Frame 237D 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15275529603737827354/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qkgYIGcR9mirWqhO_XWWbzYkn4IkA
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bd6d21ff95b42fa7bb0132bce824ea7dd68f7743c9526b64389b06a172f758a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 22:38:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 Jan 2021 08:00:48 GMT
server
sffe
age
85998
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21101
x-xss-protection
0
expires
Thu, 05 May 2022 22:38:37 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 237D 		1 KB
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 09:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221428
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 May 2022 09:01:27 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 237D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
28501
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 07 May 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 237D 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
890
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 07 May 2021 22:17:05 GMT
5f1168f467fe453203bf5e94251e266a.js
live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/ Frame 3C99 		83 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70deb9da89eb540d2fa684a9306a1bbceb600fb6e4d83bb348b8d4387fb53efa

Request headers

Referer
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:25:45 GMT
content-encoding
gzip
last-modified
Mon, 07 Dec 2020 14:06:42 GMT
server
AmazonS3
age
32771
etag
"e9337589164f70d1d2400c1fcce0b739"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
21968
x-amz-cf-id
R4Z3ADyk0Yawg-9BrLrYXwYSU06swm4tx4HTUC45MCuY_BWvH5Jjlw==
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1711 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 06 May 2021 18:55:17 GMT
expires
Fri, 06 May 2022 18:55:17 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
12998
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
5f1168f467fe453203bf5e94251e266a.js
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/ Frame 83D0 		83 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70deb9da89eb540d2fa684a9306a1bbceb600fb6e4d83bb348b8d4387fb53efa

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:26:04 GMT
content-encoding
gzip
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
32753
etag
"e9337589164f70d1d2400c1fcce0b739"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
21968
x-amz-cf-id
NCgJqiqOyoeOPnPpxGrePcPhMId3XVxX38XDLXmk7DIVRtRp0QKWCg==
5f1168f467fe453203bf5e94251e266a.js
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/ Frame 65E5 		83 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70deb9da89eb540d2fa684a9306a1bbceb600fb6e4d83bb348b8d4387fb53efa

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:26:04 GMT
content-encoding
gzip
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
32753
etag
"e9337589164f70d1d2400c1fcce0b739"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
21968
x-amz-cf-id
zaDORGBVAlvY2JEk7WL9kL9qzO1MbKC8a090gK7gZY4Dku3Mxetx-Q==
usersync.aspx
dis.criteo.com/dis/ Frame 78AD 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 06 May 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1119
date
Thu, 06 May 2021 22:31:55 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 2395
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1514147791061770928
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1514147791061770928
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C0B8DCA6-4544-4BC6-B95F-C7A276B84852; chkChromeAb67Sec=1; DPSync3=1621468800%3A226_221_201_227; SyncRTB3=1621123200%3A63%7C1621555200%3A35%7C1622851200%3A203%7C1621468800%3A21_54_71_8_56_161_7_166_22_81_55_3_13_165%7C1620864000%3A15_2_223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:31:57 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-1514147791061770928; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:31:57 GMT; path=/ PugT=1620340317; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:31:57 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:31:57 GMT; path=/
X-lat
amspug018:0:320
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1514147791061770928
set-cookie
guid=1.1514147791061770928; Max-Age=31104000; Path=/; Domain=.de17a.com;
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 0B87
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBbXRFN0JLTjBBQUNfX0RUM3Eydw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABt9E7BKN0AADEs5oZmag&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=862809366025152390
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABt9E7BKN0AADEs5oZmag&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D862809366025152390%26bee_sync_partners%3Dpm%26bee_sync_...
  • https://match.prod.bidr.io/cookie-sync?userid=862809366025152390&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABt9E7BKN0AADEs5oZmag&pid=558502&do...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABt9E7BKN0AADEs5oZmag
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABt9E7BKN0AADEs5oZmag
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C0B8DCA6-4544-4BC6-B95F-C7A276B84852; chkChromeAb67Sec=1; DPSync3=1621468800%3A226_221_201_227; SyncRTB3=1621123200%3A63%7C1621555200%3A35%7C1622851200%3A203%7C1621468800%3A21_54_71_8_56_161_7_166_22_81_55_3_13_165%7C1620864000%3A15_2_223; KRTBCOOKIE_1101=23040-6959308665611614348; PugT=1620340316; PUBMDCID=3; KRTBCOOKIE_218=22978-YJRuWwAAziE1gwA4&KRTB&23194-YJRuWwAAziE1gwA4&KRTB&23209-YJRuWwAAziE1gwA4&KRTB&23244-YJRuWwAAziE1gwA4; KRTBCOOKIE_391=22924-4232242844760825305&KRTB&23263-4232242844760825305; KRTBCOOKIE_22=14911-4566350889066153267; KRTBCOOKIE_377=6810-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d&KRTB&22918-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d&KRTB&23031-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:31:56 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AABt9E7BKN0AADEs5oZmag; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:31:56 GMT; path=/ PugT=1620340316; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:31:56 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:31:56 GMT; path=/
X-lat
amspug015:0:369
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Thu, 06 May 2021 22:31:57 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABt9E7BKN0AADEs5oZmag
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame FDD7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959308665611614348
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959308665611614348
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C0B8DCA6-4544-4BC6-B95F-C7A276B84852; chkChromeAb67Sec=1; DPSync3=1621468800%3A226_221_201_227; SyncRTB3=1621123200%3A63%7C1621555200%3A35%7C1622851200%3A203%7C1621468800%3A21_54_71_8_56_161_7_166_22_81_55_3_13_165%7C1620864000%3A15_2_223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:31:56 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6959308665611614348; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:31:56 GMT; path=/ PugT=1620340316; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:31:56 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:31:56 GMT; path=/
X-lat
lhrpug004:0:502
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 06 May 2021 22:31:56 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6959308665611614348; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959308665611614348
bridge
cm.adgrx.com/ Frame 540D 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 06 May 2021 22:31:59 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1ED5 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2I5133pQUQEjXJpaUSZXQE; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Thu, 06 May 2021 22:31:56 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7D18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wLjcpkVES8a5X8eidrhIUg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=76171
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 07 May 2021 19:41:29 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 7D18 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64b5a95f5aa84e1f-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e5682f9b00004e1f02842000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 7D18
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:57 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:57 GMT
frontend-id
5
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:01 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 06 May 2021 22:32:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
simage2.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4232242844760825305
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4232242844760825305
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:56 GMT
X-lat
lhrpug005:0:615
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4232242844760825305
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFnvxqKmN8vMjY9dRB3MP4I&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFnvxqKmN8vMjY9dRB3MP4I&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:57 GMT
X-lat
amspug001:0:407
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFnvxqKmN8vMjY9dRB3MP4I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:56 GMT
X-lat
lhrpug007:0:420
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f34d6094-6e61-4400-b50c-3f9391941115&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f34d6094-6e61-4400-b50c-3f9391941115&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:01 GMT
X-lat
lhrpug015:0:406
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 06 May 2021 22:31:29 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f34d6094-6e61-4400-b50c-3f9391941115&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 06 May 2021 22:31:28 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9016660716835022949&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9016660716835022949&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:57 GMT
X-lat
amspug020:0:318
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:31:56 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.70:80
AN-X-Request-Uuid
79ae1d7b-6650-4d20-8a5d-618ae61c9c2e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9016660716835022949&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
C0B8DCA6-4544-4BC6-B95F-C7A276B84852
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7D18 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C0B8DCA6-4544-4BC6-B95F-C7A276B84852?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P4qJDi9E2uVxfTf36FrvIE_VbDDKJR8-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P4qJDi9E2uVxfTf36FrvIE_VbDDKJR8-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:57 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 06 May 2021 22:31:56 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P4qJDi9E2uVxfTf36FrvIE_VbDDKJR8-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:56 GMT
X-lat
amspug017:0:378
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
x.bidswitch.net/ Frame 7D18
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ums.acuityplatform.com/bum?tpid=29&uid=910f06f5-f32a-411a-847a-5dfadff5bbd3&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=577306398175&expires=30&user_group=1&ssp=Pubmatic
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=236&user_id=577306398175&expires=30&user_group=1&ssp=Pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.146.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://x.bidswitch.net/sync?dsp_id=236&user_id=577306398175&expires=30&user_group=1&ssp=Pubmatic
Pug
simage2.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4566350889066153267&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4566350889066153267&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:56 GMT
X-lat
lhrpug019:0:374
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4566350889066153267&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJRuWwAAziE1gwA4&gdpr=0&gdpr_consent=
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJRuWwAAziE1gwA4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:56 GMT
X-lat
lhrpug019:0:403
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620340316.075576,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJRuWwAAziE1gwA4&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3095a883-14ee-46de-a205-c1fc460e4adf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3095a883-14ee-46de-a205-c1fc460e4adf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:58 GMT
X-lat
lhrpug011:0:326
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3095a883-14ee-46de-a205-c1fc460e4adf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 06 May 2021 22:31:58 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7D18 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 7D18
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=3bca5b9b-e212-4741-b3b1-79260df8c15d-60946e5c-4348&gdpr=0&gdpr_consent=
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=3bca5b9b-e212-4741-b3b1-79260df8c15d-60946e5c-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:57 GMT
X-lat
amspug010:0:2091
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:55 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=3bca5b9b-e212-4741-b3b1-79260df8c15d-60946e5c-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pubmatic
um.simpli.fi/ Frame 7D18 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:59 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 05 May 2021 22:31:59 GMT
user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/fonts/ Frame 87E7 		1 MB
1 MB 		Font
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/fonts/user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4231df8fb4004a36075df72d7ab5978e4505c535071e34f37b82eadadcdd536d

Request headers

Origin
https://live-tag.bannersnack.com
Referer
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:13:37 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age
33500
x-cache
Hit from cloudfront
content-length
1459860
last-modified
Mon, 07 Dec 2020 13:46:18 GMT
server
AmazonS3
etag
"c2cfd15b83f82e9b9ce6579f67d289e7"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/x-font-ttf
access-control-allow-origin
https://live-tag.bannersnack.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
HA1ghf984l7Pgr1IAWIiwwWtsrByr1c_MsuzZF_-q6mDriFHyiCbug==
a7d047259bdea4b2b509eb942f43f4bf.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 87E7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/a7d047259bdea4b2b509eb942f43f4bf.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4c1bd42e97617bc7f374a7694f589744bb36d8f5aadddb3cdd0bc5aa37a539

Request headers

Referer
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:25:41 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 13:46:17 GMT
server
AmazonS3
age
32776
etag
"a7d047259bdea4b2b509eb942f43f4bf"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
5113
x-amz-cf-id
8IiS5kD4UW04zT8S39nhjffSxeUAHZGlUVpugm5bBIj5fbbdtosc0g==
/
stats.bannersnack.com/info/ Frame 87E7 		155 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.bannersnack.com/info/?h=b1nsrsqem&n=25&c=bsStats_b1nsrsqem
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.252.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
226ec1329e62a38391ba1a0ac74149638bef28a4b719c7ed3a8aa0da6cd71953
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:59 GMT
cache-control
no-cache
vary
Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC2D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B863kW26UYJiYB4nR7gPFqKDwDwAAAAA4AeAEAg&bg=!vL-lv_vNAAYP3QOmD907ACkAdvg8Wp-YqewRyD1yUCmsce-evD9x0tddhBEKgDj2dc-x88JcLJunjgIAAAGyUgAAAHRoAQcKACwVaBuQHRFeBMyo3iA_VDfSvHXYDunc6Ovfj4J9krTRVPZZsWCHlb0AHqQYeJkClr9ZqBAjYMbun5R3OnYIQHGBrWts2ZuIwvplMCn5QRvOFkDqtTLA0kr342_IPdw0Bvn0fkunIp3EBaLOkySLpoCyWm-ntyadE_NOq1Y8cgAzpxacl0jAs_XUcoPcj5zVutdLQxOGzUyuYdCY1oIvY1Bqdk6cm9sejQOb7NrFynuBJI83ejKbKC5vTB4gm1-1mBZna-wv4V0CSnHgjx2HGESO9WS2cJaPEzzZZ1KeaBatPxhjd70aaVYBCNjGe1twlabMup6n7IYC9YrD8-3j-74lJDH69SaMT5zOwLY8ckGveCFhiGHVjVRwyjaJ_SEnbGi743ZMPn058pG8PcriU3DWKPYzZyqYB33FtRNu5nR-KhMODEH2YLOEqPyICudWYL-oEu108qqRfvNAZXKgxrQ5U4iXmLeZX0-hneWxpctSissnwfLXZCaeDKaFSGtm1jnqaEXFbUYNlNDUkrQhthe-naQIJMslNiiF4rugWJtn78AwDiTbIJAVGdjh0uuCqdWPN-zKo2rDBolxcm4BN-ncltonhHU51zlzNrDgHgm3iBZrABdri6GiuwLJyBeTebxt6W2_NYHWaMHi3ERUiFLKYJvhcIzlFsqW6ILGGByoXKtqrVRdMKhxmwl6FMet9gq49HHAWlbzUg0rJRzRx_9ieX1HwNcKKZpU_VTNeb8slTqg4U4gSmCCJ53GB89R3nhwSbmH0AHTAdcBCgtEqAbyQ3BFOkPuRjEtyv9TyIkD8PX1af0_Bs9uvpM8XxltYNKUCdvPcPPM44QQcPBFCTVwEIzU18Z-0TcYUD_VyBqPBFTPsDAEyiX28IPdh_kqpaasMm5ETLbmbpHEYaD0T1ejGRM-9NCoE6PKEtTHOtjS6jFbYn6B
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/fonts/ Frame 3C99 		1 MB
1 MB 		Font
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/fonts/user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4231df8fb4004a36075df72d7ab5978e4505c535071e34f37b82eadadcdd536d

Request headers

Origin
https://live-tag.bannersnack.com
Referer
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:25:55 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age
32762
x-cache
Hit from cloudfront
content-length
1459860
last-modified
Mon, 07 Dec 2020 14:06:42 GMT
server
AmazonS3
etag
"c2cfd15b83f82e9b9ce6579f67d289e7"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/x-font-ttf
access-control-allow-origin
https://live-tag.bannersnack.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
Tn1yQ0UQ5S5Cb3BWQD3bVbLzRZQySn3LLqy84MzkfQpmXMFGbnkF6Q==
a7d047259bdea4b2b509eb942f43f4bf.png
live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/ Frame 3C99 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/a7d047259bdea4b2b509eb942f43f4bf.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e4c1bd42e97617bc7f374a7694f589744bb36d8f5aadddb3cdd0bc5aa37a539

Request headers

Referer
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:25:55 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:42 GMT
server
AmazonS3
age
32762
etag
"a7d047259bdea4b2b509eb942f43f4bf"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
5113
x-amz-cf-id
SmtiHePgKzsDdVdYgoo9jgPtYic0ObRl6AxWkkmMge9Ieh0rFhLWFQ==
/
stats.bannersnack.com/info/ Frame 3C99 		155 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.bannersnack.com/info/?h=bxnig8san&n=25&c=bsStats_bxnig8san
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.252.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
c2857dfa0c52ff3b5dd84b6af375e6cf15964972b26f9b7c015a5b4fda085ce9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:59 GMT
cache-control
no-cache
vary
Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/fonts/ Frame 83D0 		1 MB
1 MB 		Font
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/fonts/user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4231df8fb4004a36075df72d7ab5978e4505c535071e34f37b82eadadcdd536d

Request headers

Origin
https://live-tag.bannersnack.com
Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 22:51:58 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age
85199
x-cache
Hit from cloudfront
content-length
1459860
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
etag
"c2cfd15b83f82e9b9ce6579f67d289e7"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/x-font-ttf
access-control-allow-origin
https://live-tag.bannersnack.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
VyFL9BLtFdr5CVTNQjkgw61lLL-JbfyUJ9m5zsqxL8TfYWeTFa7hDg==
32511a8a930e2f3acc093d38493bad88.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 83D0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/32511a8a930e2f3acc093d38493bad88.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fed343e409c8fed4497bf726aba31f49710aa088b534acd821f188f7bcefb48

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:02:21 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
1783
etag
"32511a8a930e2f3acc093d38493bad88"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
7008
x-amz-cf-id
Ckg2R2AVJGvELWrIw_AX2uyZCd4JizjrZzE-hahbs5POZfFTF2Jmpg==
/
stats.bannersnack.com/info/ Frame 83D0 		155 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.bannersnack.com/info/?h=bumfrsqem&n=25&c=bsStats_bumfrsqem
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.252.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
c668b0c96accf4a56efc53a4a81fd926e98826c0f2babfc7a6debbd1468c71df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:59 GMT
cache-control
no-cache
vary
Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
32511a8a930e2f3acc093d38493bad88.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 65E5 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/32511a8a930e2f3acc093d38493bad88.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fed343e409c8fed4497bf726aba31f49710aa088b534acd821f188f7bcefb48

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:02:21 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
1783
etag
"32511a8a930e2f3acc093d38493bad88"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
7008
x-amz-cf-id
ZIJZjlDT8C3Hph02s2NvIci496tKeJQonRRDNvdTqbkZJyLzXbJz6Q==
user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/fonts/ Frame 65E5 		1 MB
1 MB 		Font
General
Check archive.org
Download Go to
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/fonts/user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4231df8fb4004a36075df72d7ab5978e4505c535071e34f37b82eadadcdd536d

Request headers

Origin
https://live-tag.bannersnack.com
Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 22:51:58 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age
85199
x-cache
Hit from cloudfront
content-length
1459860
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
etag
"c2cfd15b83f82e9b9ce6579f67d289e7"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/x-font-ttf
access-control-allow-origin
https://live-tag.bannersnack.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
owVnNThJrs3bkt0a1PaJcM6kwNcoKuK-Abag3CcRISVZkBXmoctYZw==
/
stats.bannersnack.com/info/ Frame 65E5 		155 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.bannersnack.com/info/?h=bumfrsqem&n=25&c=bsStats_bumfrsqem
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.252.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
49634a980a79d0a176f84f72f1c874904624ad90bb531df5586541a516018650
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:31:59 GMT
cache-control
no-cache
vary
Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
activeview
pagead2.googlesyndication.com/pcs/ Frame 5959 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHTg-HYuYfGGbpcPf1rswowuJpcEJnL7f41kbOG-gDFgkdigqLNuVhFjefDl-agcX2V0oVUz3GTaNcqdr0jOwWGF3iN8B76v_SSOC5tOmQRUytafLh3EX13Ms&sai=AMfl-YTQvRqZaepUSCsVFP36LVjxTBK3rUWWMPdNR2G44Xi0tXlznOHfPrfhTY4MjY3BgAFY3R7xwiVrGL9ci_qy4HaC-YGuJQa0aH5_5c7-plx1HkLIZs6vNp_WQGLC&sig=Cg0ArKJSzDhClBHd-HVkEAE&cid=CAASFeRosY5cKojlm9zM3HndVrBFVEWo3Q&id=ampim&o=290,241&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1027&mtos=0,0,1027,1027,1027&tos=0,0,1027,0,0&tfs=221&tls=1248&g=100&h=100&tt=1248&r=v&avms=ampa&adk=3176455463
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2674 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7H9p8KNQPrX_j3yja0Z5u1GmD6q6eWh83XAtF0cZw3XPhu4te4tDnHfrgxaIiCJred2b56yuOPcvpLiDZoIdvMB9I9mdF_YfcErnReKa5Nlvnv9r2hfoyKjs&sai=AMfl-YSnk5J8cg74vXECbarTXF8jOdH2yG_l6sMya8o2j1WTV-nrY7L_5hejVFKNiR42HtRI1lyLyIjWkD0xv9H6XEyWnvzLXlLalSI9qyLj9sT2dRiSI_bSvAEot52Y&sig=Cg0ArKJSzAdiJi_UXUj2EAE&cid=CAASEuRoN3BBSeC1Z9KHhfFStb6WYg&id=lidar2&mcvt=1030&p=496,1010,750,1310&mtos=0,1030,1030,1030,1030&tos=0,1030,0,0,0&v=20210505&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2184520972&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620340314969&dlt=10&rpt=0&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
h4bqBfzbNhyfW_h1rVmWXBQaJ_zHuZxkYqdqs1GA3F4.js
pagead2.googlesyndication.com/bg/ Frame 1711 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/h4bqBfzbNhyfW_h1rVmWXBQaJ_zHuZxkYqdqs1GA3F4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8786ea05fcdb361c9f5bf875ad59965c141a27fcc7b99c6462a76ab35180dc5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 16:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
194011
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
expires
Wed, 04 May 2022 16:38:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D3C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXp2wW26UYOKnDcGcgAeI7YTQCwAAAAA4AeAEAg&bg=!kpGlkdXNAAYP3QOmD907ACkAdvg8Wjhtb6LlEpudYBzQBTpBkqd7h-TRw2q5P2ePmjNfup9TpiD5PwIAAAKjUgAAAC5oAQcKAOo_C-SzGB4izB9Qe1eJl_7oxJaR0f20wvb6nVh2rCe3iRG2SfgNxNhl1L-hSy3EsA8LkBbxvGImGvdZxg_MvVJH4EjN_hF0vjb6cDuEY1O3IqfdFlq_96AZlv3M9ARsfi6jF1yoYwm5KuAHcG453eKMYnXmbioIhxgHl7HVMlbygE_H-6nP1zASAdrZ7u54nXA85r-GeCkf9S5it491rYTgs_CgN0MFy8eo4D2ta0fzyBQ49OXT2s4i2Xt-_pTTKvGxgPh-AKlE9tqNh8BW6vQfpLHcPx7ljeBjwxLogzsRctc2md61b8SRUH6ZAo7vpKIMOO6AP83cpfUcaedai3UOTZq-qzSXppJWza2Pda0CdPHyTEYabJqW_42CUfkAlXlUTgTh5HDHJ3OecWCOFDuPAEFS424tFousTX5dZPGQhkEaB4_Lu5qjKSUwR43_Vx0m3pb6L12AfeiTzJwmC90ot0ZAxM_Ic63veo9xHXuSB_bQbEn80LKd7omV_Kz9IfnYK1DGmtXqLvMfvUfA7FdJpzj0HfY0Z9YDoE0D0BEaMYkviTqhyULllJKEdBhGQP7tOkZeDj7HKLLkX1C-D-_9oJDiYw8-QifKlSruOZZYjE4tGtAOZQV5Egza0BmQeOYUljEdEzeiUEraG3FmYkLb_3Kq6bUeTLK-rWHdck_aaGLOVbYCzwOkAuRm3wvPm9ni8fwaq5E-ay7eLpWITugN-1jKABiiE7f313cvNCxiE7TX5I6ILVuSnlC6dzPxDuRM1xTIhsyXMJMRMPv_ofK-dYoxxYriD4cTwvypepJk4Flu0FAFKSvI3EFVtmUV0CWz2ZnEE15yiI6tLh_ZiTTklAePcwvuCsDg0Y-JQrWIzDMQ0gnTF-D5eIbLiYvoHmfmFnwMGHxOYKXbwHp6khJo9qsWnGemJ0kbY1_XIG3w0l0k-Oi8jo3p19jH47alp0u-zwdtNPRstSxPItN1LI5-_6X28H5bbiBQ6aGGRtZAl6SGjPqZhQNTUe2HEVREde9gL-SZDn-nL6ufMC_qU-bYrMZW3Ky-KPO-HNR2xF5XhySSNsfF7PvB4hyXClnlUF3Ib53uTU1Jzkxss72ylTQwBKSmq9KeEECAtb3a5bHci0pM39XAuUkdAzEM0I76rfoDmp4LFi35lMGICnlPCpDGfuQdvP6khHP_D60
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8CE8 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtziRW26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpwJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3TTlOBQtb5TpN4CYdAoCyczjN0pzLjex9reYwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaaCaQBaHR0cHM6Ly93d3cuaW50ZXJkaXNjb3VudC5jaC9kZS9tb2JpbHRlbGVmb24tdGFibGV0LXdlYXJhYmxlcy9tb2JpbHRlbGVmb24vbW9iaWx0ZWxlZm9uZS0tYzQxMTAwMC9zYW1zdW5nLWdhbGF4eS1hNTEtNi01LTEyOC1nYi00OC1tcC1wcmlzbS1jcnVzaC1ibGFjay0tcDAwMDIxMDk5OTKxCYAwQivRJz32gAoDyAsB0AsO4AsBuAwB2BMN0BUB4hYCCAGAFwE&sigh=ZsJ7fRQbZmA&label=video_ad_loaded&acvw=&sdkv=h.3.454.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3MzExNDk0NDcxMTIMNTE4MDU1MjUxOTcwQNwCUh0QDyUAAMBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB3D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6gc9W26UYIDCDvS8lQfA_IdAAAAAADgB4AQC&bg=!bW6lbirNAAYP3QOmD907ACkAdvg8Wv-SzIq70sTUp2LSHR0lZ_vsDTjNYXygLwxfqQ4CtupmMts3jAIAAAH2UgAAABVoAQcKABRQmjzvURLp84Zfd5glirmxzXCV0ZkCnKChCH-CtdLewdfmAW5YUrmIushMWLKptSboRwPaoQAGR-EgFZniR5FFtWt_LdjKY0eCK7vq0oL51ehD3J6tfMarCZlSiSFl4ZnhB0eW5wx_mKBlUJDTTGDUX2OhrHDUl8tF1kdEho43BNJ74grMM-3yY3F8tDGzWJvn9-utSq7vrLAipVYOy6VCCBZw4z1hQ7GZnun69eQi_LPnwf1PCXxMsW_xxYfzpBr4iuMsyCaBCpJftmuwj-ntxNIqPVhfTnzeEnkssjS6rt3W5OdtwbMn8_tOLwt0v7QMGAfvvoIzSkk3-VW6EQO6xDs6G8ytR-Gs-ylfBGrVKBeGOEBFjyVu6IX4M9tdZ1QDT79j6ZIAjkByanrn_GWgkZ42sdcwU2qYUIQUOfB7isH5BzCrwrHQNP5gPUmbq3Pmxp_xqUAHNsI98_BwVvFYyTcQ0OGLoj-FE13MoWRsISp3uG081ZUq9Ua6t6U_7TWpUeRBMkhaN1naCJf-PRjrV_O_Dvq73P2mw7NUG0j5ARXj6GvV3k58Z1u-ItD_Dsjb1sP0xqIzpTkgZMBvZIsa80bET32ptePP6wb_J8Di4bQXT0GyZf87SjC1lSjuZaTS870HpDL-f5JGweV9L_Z-fAfiGChbJQo6zeHRFNwgIgZblQjyc0nO8vdoR2ZHXGLLfIFs3iUAlpFXWISeXA-OQf-HdSbQYRs2t1PhmKBPFLfyVpMuUX63lvdYm8Wiy3ql1MLg2_dqGokmbM43pj8QnGZkkRadtKBuKz3DK1_qOtfStDiIqAbrtWz8EXes0wZO3_ATV2JSfwO-kO_PecGb8OS84Z2d4PZbcecMIX3ve4234JhtHxyphjOq_TkU7E1ijZcdn4wLljPli3VU5bHeJL5R
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DEB2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxAMLsZrL7jp7jAeGtji5TCLQULiOxhjxEj1dEvAgW2ki8FdCh9kJ9N05kYQp71J4BZxkzlp37ebKsJC_uT6e1cvVT4R1aIxgbT8UpBTlqm1ZFmNFYyyxeYjU&sai=AMfl-YTLxp_bT3r4qs-DFaClDmG00tGrI4fJRLRTrWuNmBoUDSW1a0020zn4ChEpAGabArVgh4syIaENT8cKHD_B8m2hDqpIvrtBEOSDXlAxNvegTMLJUeoJIAymKXVj&sig=Cg0ArKJSzIgRCwoguCJdEAE&cid=CAASEuRopA5rDjHBkcTzvxbzbkv4dA&id=lidar2&mcvt=1019&p=241,1010,495,1310&mtos=0,1019,1019,1019,1019&tos=0,1019,0,0,0&v=20210505&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=58431305&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620340314968&dlt=13&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1431 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbZDlW26UYLC1DvL33wOui5fQCAAAAAA4AeAEAg&bg=!_v2l_bnNAAYP3QOmD907ACkAdvg8WmfekF7atJP7-rXo04hkXPxCnnFSdBvax-PurGy3iJEfSGrdygIAAAIQUgAAABNoAQeZAp1tVwOSo4cT6-ZhpV76Diolk4AkyixzZbvXLTFqQcKJnqFpwSUlvvSPvaF4ftKuK90wwq-tsudGYO_GqwhrhBxqre79ubdBO-V3g4bwTHBvalvNkv9GJJBvU_wysMNsdUjumrUn9-qpFCDUa0TW614RJYy1Dma4VuIKhsugeSPf2TJfxi5z_89ajtbPr9-cQpyyK_jCbYZZU4jt4gE9oLNKaZa591MuQtFyK4X2m_ZQqbrXaO44at56NrbuLWTKSZ7xVwcPvITpzLx60FpiTBWNlEm-zKN-ue1YsN7scvPTE_DNUMgvAk4m1YKKcqkAZaWWHlRkaLy0xMgk7Un-vTjRmpacvggBVsS6MEpfv3DxzoEIoFhe7A4zyPvjj40jnTLRPUmAzEp-iDOGotDttWtg2mN3ZZEBNZFh3UDTk9194WU8O7IoX46rEYXSFifwh0_GwMkXLLhkIAwNYp9cqj12ZhC2h-lIYMPa6NzzNc2OsWydAnbpi17EcHUf0w48ppR7zCU8EpnK-FXTZq17ri6ldpTtHaLiaCgB0-ahiKxKaH8EXTNHasytnbYJd9DILdxQCHQa8td8pBde2txzDhhkwUa6urVIwbcUXTuS6EH6KOBSO2QoN_ufrcQBOlmAM0BcObu1019RvNolGJBHnUB8rx6pCt-Gh_0Wx2UZOJIO4qmBz3Fr313ivH9-jTqN2NHbv76VTok6tKWmYtelLk6UmG6jzEhPWzIMEm7quoIUz02b8ZR0xKTQobucrvkgd_GMt6DyPMFsI2yoWGVOMO_hQ8b1lIctXeHUQpR4nSlRpuBB-wixQqrIq4yuxpRpYacFylEae7QFEVcVw18DIFbfn43CVRLzKbV_kQ0yEGC3rSZpN7eQcYvx0k_lg-w
Requested by
Host: dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
URL: https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 8CE8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.454.1_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 05:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492037
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 05:51:19 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 8CE8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CC0EzW26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpAJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3WzkggAlTQrnpSB-4Sn9XKgcpT-AlHypwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG9gHAfIHBBDM7iioCAHSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi02NTA4NTczODU0MDk4Njg2gAoDyAsBwhMGGO3xtdoD2BMN0BUB4hYCCAGAFwGyFxoKGAgAEhRwdWItMTkyOTYxNTY5NDM3MzEwMw&sigh=AVWUV-dKnyc&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&sdkv=h.3.454.1
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8CE8 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3154W26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpAJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3WzkggAlTQrnpSB-4Sn9XKgcpT-AlHypwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=fZPmrJobJ8k&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D19017%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1620340316370%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.05%26t%3D1620340315545&sdkv=h.3.454.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3MzExNDk0NDcxMTIMNTE4MDU1MjUxOTcwQNwCUiAQDyUAAMBBKAE6B3Vua25vd25CB3Vua25vd25I1ARQABgB
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8CE8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsklb_awv6BWzXE82Rh8xvxUgIJe-HmNa8rktOaHlOya0ubkY2PDjxe_I7T5oEBylT8OCps-R8GztNdOcXwRvhtCGpJmM6RVQL99wvUtCCyeW0jqrOIJ42FV2zJLc9LGTbzcjdFnQqsEIzl5ng7g&sai=AMfl-YTAdLynFzGu3O-H_4AWXFOMyFOU9apL3HUzcsFlrcmTuz4WM8qXdY02n8aQk1L3kMYyOB5KYKGbeffwjJax2OSI2h9F5WqEPk4FCPlqpTPhEG6RBNLeIxvf-Jjx&sig=Cg0ArKJSzBcRfG234jDMEAE&cid=CAASFeRokpfi6mSHoNCyS0yjRmX5qlsIwA&id=lidarv&acvw=sv%3D894%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D19017%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1620340316372%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1620340315545&avm=1
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8CE8 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3154W26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpAJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3WzkggAlTQrnpSB-4Sn9XKgcpT-AlHypwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=fZPmrJobJ8k&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D19017%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1620340316375%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1620340315545&sdkv=h.3.454.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3MzExNDk0NDcxMTIMNTE4MDU1MjUxOTcwQNwCUiAQDyUAAMBBKAE6B3Vua25vd25CB3Vua25vd25I1ARQABgB
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CE8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.454.1&e=21064201&id=ima_html5&c=3607165506182372&domain=start.mybluelight.com
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8CE8 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3154W26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpAJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3WzkggAlTQrnpSB-4Sn9XKgcpT-AlHypwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=fZPmrJobJ8k&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=admute&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26tos%3D24,0,0,0,0%26mtos%3D24,24,24,24,24%26amtos%3D0,0,0,0,0%26mcvt%3D24%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D24%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D24%26pst%3D-1%26dur%3D19017%26vmtime%3D-1%26dvs%3D24%26dfvs%3D24%26dvpt%3D24%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1620340316385%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,24&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1620340315545&sdkv=h.3.454.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3MzExNDk0NDcxMTIMNTE4MDU1MjUxOTcwQNwCUiAQDyUAAMBBKAE6B3Vua25vd25CB3Vua25vd25I1ARQABgB
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ai?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:31:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
activeview
pagead2.googlesyndication.com/pcs/ Frame FEE4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4QHe-e7dCV-m9U8Z6wWcIjufFlKVvPwlnVrspkLM8ogZPgHnopme_iMjEDH5y6rPl7nO5uXt-JYLZyXrxSi2wrWTfZ6hBmj_KXxOIb8tyIx6WzEH5Mzms5qU&sai=AMfl-YTTL3B517WUBgeOQAHVLSOPUygh-7SEAKEmQ8kJqa-4cWo7yyGFfY2P-0kUm1rRYZQTPcNd713oJfPczvTbq20jpzdlUza6edb0P0Tt42gBBFF38go35Dm-cwhn&sig=Cg0ArKJSzMhSKMYydhFUEAE&cid=CAASEuRoyNDecGgnwBI669VZLQBo2Q&id=lidar2&mcvt=1025&p=1093,582,1187,1310&mtos=0,1025,1025,1025,1025&tos=0,1025,0,0,0&v=20210505&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3106991557&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620340314958&dlt=27&rpt=10&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 4FFD 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/hhrtBw21.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://imasdk.googleapis.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Mon, 03 May 2021 18:12:19 GMT
expires
Tue, 03 May 2022 18:12:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
274777
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame E105 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLpMbiRekc2zjjwx4t9_MbqZkKx9LQDoCbKwsd-HUyA_x1R2Lc5d_T2hKiIkYEjN6xvx7BcYmSUSe3kMw4ioYPtUGi9aeoODIh8MU-03XwMj7Bion_VcPp6A0&sai=AMfl-YRKQVyjVfg9Vo3QcycSm2gigO9rcSWAxWZ4-nHzCrOKYa2g5mEqbm_XPlEtV1DI5n_qOQ4ZExhQ4SjJW9Z0KPd-Zg7s_9wMeulFbu3Io3-TJCGcNLlUTfgL_3vj&sig=Cg0ArKJSzKB3HFg4ia0NEAE&cid=CAASEuRo2B42yRIHYTnql7LZDFeweA&id=lidar2&mcvt=1009&p=10,582,104,1310&mtos=0,1009,1009,1009,1009&tos=0,1009,0,0,0&v=20210505&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3493789625&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620340314923&dlt=64&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 87E7 		672 B
360 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:900
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 May 2021 21:16:57 GMT
server
ESF
date
Thu, 06 May 2021 22:31:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 May 2021 22:31:56 GMT
c5c0842a67c836eeeca1056bf14c2e05.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 87E7 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/c5c0842a67c836eeeca1056bf14c2e05.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3c95078f581f7252c3894266c07132443db49466b78642faca28f18e8614f8b

Request headers

Referer
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:27:11 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 13:46:18 GMT
server
AmazonS3
age
32686
etag
"c5c0842a67c836eeeca1056bf14c2e05"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
184755
x-amz-cf-id
31MyQslYaSbDcSvSx79sqJ_TgEZiqO-YEYjQHGYP8RCXHVz_t5kkFw==
90b64bdc05e626dc71af907aefda3bbd.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 87E7 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/90b64bdc05e626dc71af907aefda3bbd.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
683927ce48904f371f977c1240e074816187cbb6f96d66525a39f26230b7254c

Request headers

Referer
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:26:04 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 13:46:17 GMT
server
AmazonS3
age
32753
etag
"90b64bdc05e626dc71af907aefda3bbd"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
71178
x-amz-cf-id
O3887Ii0hmLCCbSIiXoYez3p_drI73nIeJE0DEgwwblBKu_lKnX0zA==
be124a930734a3f1be09a1924dc7348f.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 87E7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/be124a930734a3f1be09a1924dc7348f.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63aa2fbb8b33647f08118e73651eb17f48dbc2d6da58d7868013d3ef083d5904

Request headers

Referer
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:26:04 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 13:46:17 GMT
server
AmazonS3
age
32753
etag
"be124a930734a3f1be09a1924dc7348f"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1801
x-amz-cf-id
wJZwS40T0U38fogxdAKX-trSiAvhBo0q1ofak2Q0_ItKRY-TfD3rFQ==
Legs_Education_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 87E7 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Education_FR_MASTER.mp4
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda66347f754500639a66bd23e4bb776ff697494961e6c6c369a7354fdba137a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://live-tag.bannersnack.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

cf-request-id
09e568316c0000324cf299d000000001
x-amz-meta-cache-tag
F-38154537489,FD-38154711878,P-5474758,FLS-ALL
age
291944
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38154537489,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
WJPZZTXV34CDTARC
etag
"4ab603de2ff07572a2a2533cdce01efa"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1606728962775
content-type
video/mp4
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 06 May 2021 22:31:56 GMT
via
1.1 93ca7f89577bcc406284a7bbde241b21.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
WAW50-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
Content-Range
bytes 0-2338520/2338521
Content-Length
2338521
x-amz-id-2
ItRRDwdqbsy77b+2kg54nhkIiNuPj+SRTBLrfgsVQkqv0IzPPyudrWMM0GfzYBWbcZIVZiTRZXk=
x-amz-meta-index-tag
all
last-modified
Mon, 30 Nov 2020 15:19:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
HKvInhsakM6G4tDghL4.AswyD2UDFoi1
cf-ray
64b5a9624b1b324c-FRA
x-amz-cf-id
CIAG0lrLt0Nxilv0QHsQACPg0Ij7VHa_TL5Jrhgg8SzYcXawAiNX2Q==
Legs_Education_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 87E7 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Education_FR_MASTER.mp4
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://live-tag.bannersnack.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

cf-request-id
09e568316c0000324c6e3c6000000001
x-amz-meta-cache-tag
F-38154537489,FD-38154711878,P-5474758,FLS-ALL
age
291944
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38154537489,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
WJPZZTXV34CDTARC
etag
"4ab603de2ff07572a2a2533cdce01efa"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1606728962775
content-type
video/mp4
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 06 May 2021 22:31:56 GMT
via
1.1 93ca7f89577bcc406284a7bbde241b21.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
WAW50-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
Content-Range
bytes 0-2338520/2338521
Content-Length
2338521
x-amz-id-2
ItRRDwdqbsy77b+2kg54nhkIiNuPj+SRTBLrfgsVQkqv0IzPPyudrWMM0GfzYBWbcZIVZiTRZXk=
x-amz-meta-index-tag
all
last-modified
Mon, 30 Nov 2020 15:19:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
HKvInhsakM6G4tDghL4.AswyD2UDFoi1
cf-ray
64b5a9624b1d324c-FRA
x-amz-cf-id
CIAG0lrLt0Nxilv0QHsQACPg0Ij7VHa_TL5Jrhgg8SzYcXawAiNX2Q==
css
fonts.googleapis.com/ Frame 3C99 		672 B
360 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:900
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 May 2021 21:19:08 GMT
server
ESF
date
Thu, 06 May 2021 22:31:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 May 2021 22:31:56 GMT
c5c0842a67c836eeeca1056bf14c2e05.png
live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/ Frame 3C99 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/c5c0842a67c836eeeca1056bf14c2e05.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3c95078f581f7252c3894266c07132443db49466b78642faca28f18e8614f8b

Request headers

Referer
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:27:18 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:42 GMT
server
AmazonS3
age
32679
etag
"c5c0842a67c836eeeca1056bf14c2e05"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
184755
x-amz-cf-id
DOOl7Ucu08Vqza365_N9IDUtIJAPeb0ZSmsqCJu4y7sXUHohZ6MN1w==
a2cff8615a63998ce9034cf542a708f3.png
live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/ Frame 3C99 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/a2cff8615a63998ce9034cf542a708f3.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4146cb33b13cbf63e7955f6a726ee15e584d1e64e13967910c77e8520376cc71

Request headers

Referer
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:25:55 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:42 GMT
server
AmazonS3
age
32761
etag
"a2cff8615a63998ce9034cf542a708f3"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
90817
x-amz-cf-id
IACVBHT3iRhIgjXMb0yzTOFRsEuH3i7XznvlKwdNMz_J9-hc5HRBvA==
be124a930734a3f1be09a1924dc7348f.png
live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/ Frame 3C99 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/be124a930734a3f1be09a1924dc7348f.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63aa2fbb8b33647f08118e73651eb17f48dbc2d6da58d7868013d3ef083d5904

Request headers

Referer
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:25:56 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:42 GMT
server
AmazonS3
age
32761
etag
"be124a930734a3f1be09a1924dc7348f"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1801
x-amz-cf-id
O-f3yjhqM8UjeeOmwbcYflZhO0f5yJ-UyI6oct_wh5PaiE2gH6lo2w==
css
fonts.googleapis.com/ Frame 83D0 		672 B
360 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:900
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 May 2021 21:44:54 GMT
server
ESF
date
Thu, 06 May 2021 22:31:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 May 2021 22:31:56 GMT
9eb5a7965855159eddc4ff41d843a8ff.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 83D0 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/9eb5a7965855159eddc4ff41d843a8ff.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90cb6519104e8399a6e7feea9f3b825afc73c87eb9017581da07bef4c584f8ee

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 22:50:12 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
85305
etag
"9eb5a7965855159eddc4ff41d843a8ff"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
136369
x-amz-cf-id
r8AhY28Lh7LE-uVuQPZ6GqkXg7RJCRPhxPLJ7rraEDQhTkolfEjqRQ==
d65e79bd5e532a2ed627f2f1070fb1b9.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 83D0 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/d65e79bd5e532a2ed627f2f1070fb1b9.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
854bce7721bca315b8f6b096a0ffec2498ea7fa2e096fb9d8920f18a327a01bc

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 22:50:12 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
85305
etag
"d65e79bd5e532a2ed627f2f1070fb1b9"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
39663
x-amz-cf-id
CaUY0r-5mPnJl8zRZ31RO2s6Re8Nk4Ilcp3HyBL5E6eY4YfGtALj3A==
a705a07561259f8d533887aa81956c88.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 83D0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/a705a07561259f8d533887aa81956c88.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57c864927d9c581cba66b9e26ee948842cc77e1cf211d13d845f6c6ce0daf7be

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:26:16 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
32741
etag
"a705a07561259f8d533887aa81956c88"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3708
x-amz-cf-id
d1tB9yKefyXg0coI5kxDykLHmKdAr6yLWo32zn89vY-pfwkWuaeeUg==
Legs_Ecologie_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 3C99 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Ecologie_FR_MASTER.mp4
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55ec182ca829ac1d563ae550d998c3897adaf7796039ad04c05d651f959eb530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://live-tag.bannersnack.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

cf-request-id
09e56831a40000324c631dc000000001
x-amz-meta-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
age
291914
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
JE5Y3TR75E8Y6W29
etag
"bf474605eb16235aaecaef975422f952"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1606728965568
content-type
video/mp4
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 06 May 2021 22:31:56 GMT
via
1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
Content-Range
bytes 0-2507536/2507537
Content-Length
2507537
x-amz-id-2
H0N2oltwCfD1VHtHeD7Py00qzU05RO8AnyoSBrBMofidgYLkA+i5sE7Zy2Vo7cJy0gakbcJoPx8=
x-amz-meta-index-tag
all
last-modified
Mon, 30 Nov 2020 15:19:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
SJE1SbLCvu5JmM4FPbQLdDhlRTNzp0Tc
cf-ray
64b5a9629b85324c-FRA
x-amz-cf-id
fDPx3MwOacKz-Kycey8d6Cc5L7Tel9POY_-s3BtH-rNbiWK0t1LsmA==
Legs_Ecologie_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 3C99 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Ecologie_FR_MASTER.mp4
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://live-tag.bannersnack.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

cf-request-id
09e56831a40000324cfc806000000001
x-amz-meta-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
age
291914
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
JE5Y3TR75E8Y6W29
etag
"bf474605eb16235aaecaef975422f952"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1606728965568
content-type
video/mp4
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 06 May 2021 22:31:56 GMT
via
1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
Content-Range
bytes 0-2507536/2507537
Content-Length
2507537
x-amz-id-2
H0N2oltwCfD1VHtHeD7Py00qzU05RO8AnyoSBrBMofidgYLkA+i5sE7Zy2Vo7cJy0gakbcJoPx8=
x-amz-meta-index-tag
all
last-modified
Mon, 30 Nov 2020 15:19:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
SJE1SbLCvu5JmM4FPbQLdDhlRTNzp0Tc
cf-ray
64b5a962ab86324c-FRA
x-amz-cf-id
fDPx3MwOacKz-Kycey8d6Cc5L7Tel9POY_-s3BtH-rNbiWK0t1LsmA==
Legs_Ecologie_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 83D0 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Ecologie_FR_MASTER.mp4
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55ec182ca829ac1d563ae550d998c3897adaf7796039ad04c05d651f959eb530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://live-tag.bannersnack.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

cf-request-id
09e56831af0000324ce9385000000001
x-amz-meta-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
age
291914
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
JE5Y3TR75E8Y6W29
etag
"bf474605eb16235aaecaef975422f952"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1606728965568
content-type
video/mp4
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 06 May 2021 22:31:56 GMT
via
1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
Content-Range
bytes 0-2507536/2507537
Content-Length
2507537
x-amz-id-2
H0N2oltwCfD1VHtHeD7Py00qzU05RO8AnyoSBrBMofidgYLkA+i5sE7Zy2Vo7cJy0gakbcJoPx8=
x-amz-meta-index-tag
all
last-modified
Mon, 30 Nov 2020 15:19:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
SJE1SbLCvu5JmM4FPbQLdDhlRTNzp0Tc
cf-ray
64b5a962bb9d324c-FRA
x-amz-cf-id
fDPx3MwOacKz-Kycey8d6Cc5L7Tel9POY_-s3BtH-rNbiWK0t1LsmA==
Legs_Ecologie_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 83D0 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Ecologie_FR_MASTER.mp4
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://live-tag.bannersnack.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

cf-request-id
09e56831af0000324cd72bd000000001
x-amz-meta-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
age
291914
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
JE5Y3TR75E8Y6W29
etag
"bf474605eb16235aaecaef975422f952"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1606728965568
content-type
video/mp4
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 06 May 2021 22:31:56 GMT
via
1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
Content-Range
bytes 0-2507536/2507537
Content-Length
2507537
x-amz-id-2
H0N2oltwCfD1VHtHeD7Py00qzU05RO8AnyoSBrBMofidgYLkA+i5sE7Zy2Vo7cJy0gakbcJoPx8=
x-amz-meta-index-tag
all
last-modified
Mon, 30 Nov 2020 15:19:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
SJE1SbLCvu5JmM4FPbQLdDhlRTNzp0Tc
cf-ray
64b5a962bb9e324c-FRA
x-amz-cf-id
fDPx3MwOacKz-Kycey8d6Cc5L7Tel9POY_-s3BtH-rNbiWK0t1LsmA==
d65e79bd5e532a2ed627f2f1070fb1b9.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 65E5 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/d65e79bd5e532a2ed627f2f1070fb1b9.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
854bce7721bca315b8f6b096a0ffec2498ea7fa2e096fb9d8920f18a327a01bc

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 22:50:12 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
85305
etag
"d65e79bd5e532a2ed627f2f1070fb1b9"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
39663
x-amz-cf-id
HoU5QWG6EuFCjBPWz-WZpE_8rd8AUXiKBjOxbqfMadvZtSfC-p4Biw==
a705a07561259f8d533887aa81956c88.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 65E5 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/a705a07561259f8d533887aa81956c88.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57c864927d9c581cba66b9e26ee948842cc77e1cf211d13d845f6c6ce0daf7be

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:26:16 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
32741
etag
"a705a07561259f8d533887aa81956c88"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3708
x-amz-cf-id
PvU62WVue_bRNwfhBam3uMw6nwd15RBE3UEoQ6zGQhKJ-JPpgP-b_Q==
css
fonts.googleapis.com/ Frame 65E5 		672 B
360 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:900
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 May 2021 20:39:07 GMT
server
ESF
date
Thu, 06 May 2021 22:31:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 May 2021 22:31:56 GMT
9eb5a7965855159eddc4ff41d843a8ff.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 65E5 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/9eb5a7965855159eddc4ff41d843a8ff.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90cb6519104e8399a6e7feea9f3b825afc73c87eb9017581da07bef4c584f8ee

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 22:50:12 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
85305
etag
"9eb5a7965855159eddc4ff41d843a8ff"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
136369
x-amz-cf-id
QxOnPpalUH6PU9wESvCWTyJlbik9cwUP4j9Cxf_Gp1Z79G-TxhgsrA==
Legs_Ecologie_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 65E5 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Ecologie_FR_MASTER.mp4
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55ec182ca829ac1d563ae550d998c3897adaf7796039ad04c05d651f959eb530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://live-tag.bannersnack.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

cf-request-id
09e56831e80000324c02b46000000001
x-amz-meta-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
age
291914
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
JE5Y3TR75E8Y6W29
etag
"bf474605eb16235aaecaef975422f952"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1606728965568
content-type
video/mp4
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 06 May 2021 22:31:56 GMT
via
1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
Content-Range
bytes 0-2507536/2507537
Content-Length
2507537
x-amz-id-2
H0N2oltwCfD1VHtHeD7Py00qzU05RO8AnyoSBrBMofidgYLkA+i5sE7Zy2Vo7cJy0gakbcJoPx8=
x-amz-meta-index-tag
all
last-modified
Mon, 30 Nov 2020 15:19:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
SJE1SbLCvu5JmM4FPbQLdDhlRTNzp0Tc
cf-ray
64b5a9630c08324c-FRA
x-amz-cf-id
fDPx3MwOacKz-Kycey8d6Cc5L7Tel9POY_-s3BtH-rNbiWK0t1LsmA==
Legs_Ecologie_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 65E5 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Ecologie_FR_MASTER.mp4
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://live-tag.bannersnack.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

cf-request-id
09e56831e90000324cd8992000000001
x-amz-meta-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
age
291914
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38154712025,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
JE5Y3TR75E8Y6W29
etag
"bf474605eb16235aaecaef975422f952"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1606728965568
content-type
video/mp4
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 06 May 2021 22:31:56 GMT
via
1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
Content-Range
bytes 0-2507536/2507537
Content-Length
2507537
x-amz-id-2
H0N2oltwCfD1VHtHeD7Py00qzU05RO8AnyoSBrBMofidgYLkA+i5sE7Zy2Vo7cJy0gakbcJoPx8=
x-amz-meta-index-tag
all
last-modified
Mon, 30 Nov 2020 15:19:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
SJE1SbLCvu5JmM4FPbQLdDhlRTNzp0Tc
cf-ray
64b5a9630c0a324c-FRA
x-amz-cf-id
fDPx3MwOacKz-Kycey8d6Cc5L7Tel9POY_-s3BtH-rNbiWK0t1LsmA==
juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
pagead2.googlesyndication.com/bg/ Frame 4FFD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/juwEKQDXmb_mWiRVknlG87zcbCKCtKTnunSclexXl3A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 06:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
56998
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5663
x-xss-protection
0
expires
Fri, 06 May 2022 06:41:58 GMT
playback
s.youtube.com/api/stats/ Frame C449 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=21064201&el=adunit&cpn=tASCC0TeQHF1peuk&docid=vrSkrZv08sk&ver=2&cmt=0.261&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fstart.mybluelight.com%2F&len=19.017&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=17&rtn=10
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::71 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB53 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=3196673785160430&bg=!cHOlczfNAAYP3QOmD907ACkAdvg8WkggX1y88rLTsvuCqGWoS1eaf23vyl57dEhG25y0dxXK_HvsFwIAAAFdUgAAAFhoAQeZAoZBRegcCsVgLZj00qMUqaKze61pCZODgMs3VMKz_tzM7WOQdSmXxARNdify6CfJbxFfXYW3Q36aILFsWzXf30E3esiaVr1p7nhCFWXWQr8Ec0uSWwYgv_4RvaXcq-PxVHzsqACaftiW9deX9MO2soc_guXLq1Qj0QNBHsmY0_kVEJcVokS1vol8d8ncwGH9cqWKj642DyvssfiawOM2TmCm_X8qNY3RBMJ6dLe0hwUXu63pJXsEuYxUcuuA_uyuofnAXSpLm2Uwd127umDdz7wcHIdwDou8ep-W2YFJkHt_ItGtmYkyKZek0xSj-rhLvVRg3sJg3eC67Oy6VxeZBeY8d1v2UnXtxmy6SdoNGgfTc10gx19d2eknpIFn6x47GvTKwWV4VIo-CkA3LQJLtTMjPfXLhj9cvB9mYI-MpxSxUdzBMzKQPj8k5GswaraLmkzgTYMU_Y0rQL5DVhPcQpmWrE1WQAgZO2ezoU3fbfDnPqfEKgjvzzs5Zpe23whtCXYbFzMqIZXv6blFQvY0cI0S9nz1iEYxm2SdvuGt6PqdSWf5zxBSkthgJ-xKFe1K1E3B9UtAk3_Phs4mCMsZ188v7vmWlev3U4nJeYNWIVypktUxJTtZKa-MLbEUlbmQsjHkAqzx_SIB8H9olMi6E1RrxAxH9ueGR7P4lM3yf1X__l_SWtdTWYr4jW5H9uudODNMome1a5FAykAf3vOi1LoHomQV1fN-LHv36FY_QcA6a2Rdb2zPRb_gzpH5_FpubXCyaQjBgm_1_uRT15-6NbDohnhYZOlCIhZOwoGj2Qe8S52iv_owRRDHEkJpBcVtkcpjYU5rGjWJe4qsXNVaSinNCozOGioy
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 237D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSSVJhwonMvAjzLGG6D3DK3lB2pdIqyR4ao9pTg1wMfqdpZ472SuKFDgU3v3zvLdFpFFI8FmsZY6SajyaHgiOlsLMaXo4IfaIds336eGwxD8etVMakn_aMsuI&sai=AMfl-YTklvGdcf1lRTYWfZd_IZsBW_RCDiLUkyFijCxc0qhRiGybZZ_IY3x_uusxEoYTBEyRcRtr5dvOYWPDmWoQDnsA8jip7PkZacxqS1f2QbOrZilnTIAuMz3AwdDK&sig=Cg0ArKJSzK_hLUs9uucdEAE&cid=CAASFeRo0R-A4Hh2KxlFlO4R3bL3VNEGTg&id=ampim&o=0,950&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1045&mtos=0,0,1045,1045,1045&tos=0,0,1045,0,0&tfs=241&tls=1286&g=98.93229007720947&h=100&tt=1286&r=v&avms=ampa&adk=2346308092
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FFD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.454.1&bgai=BO2OsW26UYKKhC5rl-gaKwID4CwAAAAA4AboFEwiI7JmHjrbwAhXEhnsKHcD-DcY&bg=!2Nul25_NAAYP3QOmD907ACkAdvg8WkXFt8HTshqSoS_pVAdYIXzttQBURQSvLw37LUBFgal_dLHE4AIAAAR-UgAAABtoAQcKAKzdh0YRP5-5H1OMnp8BXv215jdO-I8X2Ru5vOU4ZaOycQdRAqVi5SLV3pITK4PKbZ6aeuV98LUMgOmuF-G71juYMN3T8JK6COmqLOlDWkbA54B49VbCPIrVAcGAleMOeUuaXqk6VLSTt-CRrbr-NiqVr1qoO-biTC8XtE-2j02AJBRszfOlYVdhvaBQ2FB5Xdjo7ig_yCQZhJksPZwzKJ8DvW9kVRjKFr_AA5PvmQIEvF5enH7yS1kpbd0PfVgUmzVQdL6WO11qcog72HitxUI958qJIwBInHWRLH-0qAoHXCe3BF4cnwaW5KsDM9nqMSfuxeZyApwB1dqir4B8J_LRgrD_MsXQH4LjjeljrJEeNWvJ8SzfqVwoJUcla8ta9WF6kcqFxYQy0Fj05G0Py0WblrI-NlKxA5vu6jwnAjm0SKn0gGCNU_ZrHiM6yUa27SzFTo2QT5c3DOyK3tQ7t4RsEvtQjxKkcMocHQPAzeZeC9XQe-rBUiMkfv5JJC-CEl9uVAShkwvPUlDlLcUTkU-KLh5nZQAcpSNYvHaRXlyqnnDlPbQLAPMLTApil9ivsEXfj6nVcbJMZZecMYxzGTdhsFS0_563oI-5qwLd2ioH7pcf66hda5HE7WeM5eoyzQsHIe77kZmvIQ2Bm3eer1-5KSw0e4j5n2lrKmpIBhMPkj_8UNkwVaIDS3Ihjr67TA32p26IaFVG3szmzwhiu4zNa-eOZK_NSGNc2z_TXjvJxbzq-lnofZiQplgNcDqwdVEB7NEmjvftSNq4BMKn17fxGM8dJeMafXCfZeRHFyZXtSjZTgPnumjtkzQolXZw8m1OiDhHhaBu-QEbtSytMWE7KSO8SlCP9jrENdpxA4I1BYnnNwf8yom_-nI1O8s0MuBIP2NEBQYUinFAl2T5weJaR5CC
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 7D18 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:55 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
av
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/av?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:31:58 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
usync.js
eus.rubiconproject.com/ Frame 017A 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b2b279ece006b0e9d263bf7bed8f9c0a1435738db4dff2c57e13d1efe98900a9

Request headers

Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30841
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9239
Expires
Fri, 07 May 2021 07:05:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8CE8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsklb_awv6BWzXE82Rh8xvxUgIJe-HmNa8rktOaHlOya0ubkY2PDjxe_I7T5oEBylT8OCps-R8GztNdOcXwRvhtCGpJmM6RVQL99wvUtCCyeW0jqrOIJ42FV2zJLc9LGTbzcjdFnQqsEIzl5ng7g&sai=AMfl-YTAdLynFzGu3O-H_4AWXFOMyFOU9apL3HUzcsFlrcmTuz4WM8qXdY02n8aQk1L3kMYyOB5KYKGbeffwjJax2OSI2h9F5WqEPk4FCPlqpTPhEG6RBNLeIxvf-Jjx&sig=Cg0ArKJSzBcRfG234jDMEAE&cid=CAASFeRokpfi6mSHoNCyS0yjRmX5qlsIwA&id=lidarv&acvw=sv%3D894%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26tos%3D2093,0,0,0,0%26mtos%3D2093,2093,2093,2093,2093%26amtos%3D0,0,0,0,0%26mcvt%3D2093%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2093%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D726%26pst%3D554%26dur%3D19017%26vmtime%3D1488%26dtos%3D2093%26dtoss%3D1%26dvs%3D2069%26dfvs%3D2069%26dvpt%3D2069%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1620340318454%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2093&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1620340315545
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4E74 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C0B8DCA6-4544-4BC6-B95F-C7A276B84852; chkChromeAb67Sec=1; DPSync3=1621468800%3A226_221_201_227; SyncRTB3=1621123200%3A63%7C1621555200%3A35%7C1622851200%3A203%7C1621468800%3A21_54_71_8_56_161_7_166_22_81_55_3_13_165%7C1620864000%3A15_2_223; KRTBCOOKIE_1101=23040-6959308665611614348; PUBMDCID=3; KRTBCOOKIE_218=22978-YJRuWwAAziE1gwA4&KRTB&23194-YJRuWwAAziE1gwA4&KRTB&23209-YJRuWwAAziE1gwA4&KRTB&23244-YJRuWwAAziE1gwA4; KRTBCOOKIE_391=22924-4232242844760825305&KRTB&23263-4232242844760825305; KRTBCOOKIE_22=14911-4566350889066153267; KRTBCOOKIE_377=6810-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d&KRTB&22918-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d&KRTB&23031-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d; SPugT=1620340315; KRTBCOOKIE_336=5844-1514147791061770928; KRTBCOOKIE_699=22727-AABt9E7BKN0AADEs5oZmag; KRTBCOOKIE_153=1923-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji&KRTB&19420-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji&KRTB&22979-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji; KRTBCOOKIE_57=22776-9016660716835022949; PugT=1620340317; KRTBCOOKIE_80=16514-CAESEFnvxqKmN8vMjY9dRB3MP4I&KRTB&22987-CAESEFnvxqKmN8vMjY9dRB3MP4I&KRTB&23025-CAESEFnvxqKmN8vMjY9dRB3MP4I; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=89902
Expires
Fri, 07 May 2021 23:30:20 GMT
Date
Thu, 06 May 2021 22:31:58 GMT
Connection
keep-alive
Vary
Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame 017A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNN
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ATQUfFnu1WztKuaEE2IGfsn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4370208921288564982
42 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4370208921288564982
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

date
Thu, 06 May 2021 22:32:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4370208921288564982
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 017A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNN
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ER1NBUlgtMVAtSFQzNQ==&us_privacy=1YNN
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ER1NBUlgtMVAtSFQzNQ==&us_privacy=1YNN
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ER1NBUlgtMVAtSFQzNQ==&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 017A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=84d46094-6e61-4c00-8fbb-699479726b69
42 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=84d46094-6e61-4c00-8fbb-699479726b69
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

Date
Thu, 06 May 2021 22:31:29 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=84d46094-6e61-4c00-8fbb-699479726b69
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 06 May 2021 22:31:28 GMT
709414.gif
id.rlcdn.com/ Frame 017A 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1YNN
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:05 GMT
via
1.1 google
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 017A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJRuWwAAziE1gwA4&us_privacy=1YNN
42 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJRuWwAAziE1gwA4&us_privacy=1YNN
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620340319.614251,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YJRuWwAAziE1gwA4&us_privacy=1YNN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
ads.yahoo.com/cms/ Frame 017A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1YNN
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KODGSARX-1P-HT35&sigv=1&esig=2~0c36b833d7b4177d0c8fc526ff8087ed44db7392&us_privacy=1YNN
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KODGSARX-1P-HT35&sigv=1&esig=2~0c36b833d7b4177d0c8fc526ff8087ed44db7392&us_privacy=1YNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:04 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KODGSARX-1P-HT35&sigv=1&esig=2~0c36b833d7b4177d0c8fc526ff8087ed44db7392&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 017A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNN
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTEzNzdjNzc3YWJkNzQ2MjU4ODg3Y2JhMmM5MTQwYTMwZjliMWExMQ&us_privacy=1YNN
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTEzNzdjNzc3YWJkNzQ2MjU4ODg3Y2JhMmM5MTQwYTMwZjliMWExMQ&us_privacy=1YNN
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTEzNzdjNzc3YWJkNzQ2MjU4ODg3Y2JhMmM5MTQwYTMwZjliMWExMQ&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 017A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNN
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.69.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
PugMaster
image6.pubmatic.com/AdServer/ Frame 4E74 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=69626070&p=157483&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
42e5fc7bef62c7e8bec2c699e6d48cb9ba52e2de0bf92d23648b27a1cb8f57a5

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:57 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame C105 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=4232242844760825305
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 06 May 2021 22:31:58 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=4232242844760825305; expires=Mon, 05 Jul 2021 22:31:58 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set merge
ce.lijit.com/ Frame 20CF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8632975931
  • https://sync.1rx.io/usersync/tradedesk/6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d
  • https://sync.targeting.unrulymedia.com/csync/RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
  • https://ce.lijit.com/merge?pid=56&3pid=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=75dceddf9fb94857879a4914; ljtrtbexp=eJyrVrIwUbIyNDMyNDWxtDQ01lGyMEXlm5qh8g0NUPkmxsj8WgCbkRBY; _ljtrtb_43=0PFQedCkXHTL914s3qREK9L3UH3L8wop06XP_7iC; _ljtrtb_84=c:4d160f8d096936575a242b508c31c559; ljtrtb=eJyrVrIwUbJSSrYySTE0M0izSDGwNLM0NjM1N000MjFKMjWwSDY2TDY1tVTSUTIxBqo0CHALTE1xzo7wCPGxNDQpNi4McvW29DEO9TD2sSjPLzAwiwiIN890VqoFABNkGAg%3D; _ljtrtb_85=AABt9E7BKN0AADEs5oZmag
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:00 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_84=c:4d160f8d096936575a242b508c31c559;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_85=AABt9E7BKN0AADEs5oZmag;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_43=0PFQedCkXHTL914s3qREK9L3UH3L8wop06XP_7iC;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJyrVrIwUbJSSrYySTE0M0izSDGwNLM0NjM1N000MjFKMjWwSDY2TDY1tVTSUbIwBap0dHQqsXQ1d%2FL2M3B0dHEtNs2Pyk1MB8qaGANlDQLcAlNTnLMjPEJ8LA1Nio0Lg1y9LX2MQz2MfSzK8wsMzCIC4s0znZVqATr0IAw%3D;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:00 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_56=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:00 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=75dceddf9fb94857879a4914;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJyrVrIwUbIyNDMyNDWxtDQ01lGyMEXlm5qh8g0NUPkmxsj8WgCbkRBY;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:00 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1

Redirect headers

server
Tengine
date
Thu, 06 May 2021 22:31:59 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003%22%7D; path=/; expires=Fri, 06 May 2022 22:31:59 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://ce.lijit.com/merge?pid=56&3pid=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
etag
RX59e2dcb9394c41f9acb5fe82b55d215d003
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame C4C9
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=BTsXeaJtpCtTTSyY7ypCWw2n
42 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=BTsXeaJtpCtTTSyY7ypCWw2n
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C0B8DCA6-4544-4BC6-B95F-C7A276B84852; KRTBCOOKIE_1101=23040-6959308665611614348; PUBMDCID=3; KRTBCOOKIE_218=22978-YJRuWwAAziE1gwA4&KRTB&23194-YJRuWwAAziE1gwA4&KRTB&23209-YJRuWwAAziE1gwA4&KRTB&23244-YJRuWwAAziE1gwA4; KRTBCOOKIE_391=22924-4232242844760825305&KRTB&23263-4232242844760825305; KRTBCOOKIE_22=14911-4566350889066153267; KRTBCOOKIE_377=6810-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d&KRTB&22918-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d&KRTB&23031-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d; SPugT=1620340315; KRTBCOOKIE_336=5844-1514147791061770928; KRTBCOOKIE_699=22727-AABt9E7BKN0AADEs5oZmag; KRTBCOOKIE_153=1923-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji&KRTB&19420-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji&KRTB&22979-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji; KRTBCOOKIE_57=22776-9016660716835022949; PugT=1620340317; KRTBCOOKIE_80=16514-CAESEFnvxqKmN8vMjY9dRB3MP4I&KRTB&22987-CAESEFnvxqKmN8vMjY9dRB3MP4I&KRTB&23025-CAESEFnvxqKmN8vMjY9dRB3MP4I; KRTBCOOKIE_188=3189-3bca5b9b-e212-4741-b3b1-79260df8c15d-60946e5c-4348; chkChromeAb67Sec=2; DPSync3=1621468800%3A201_227_219_197_232_226_221%7C1620345600%3A174; SyncRTB3=1621468800%3A81_165_189_222_55_230_71_166_88_204_234_54_8_161_7_56_22_3_99_21_13_220_176%7C1620864000%3A67_15_2_223%7C1621555200%3A35%7C1621123200%3A63%7C1622851200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:31:57 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-BTsXeaJtpCtTTSyY7ypCWw2n; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:31:57 GMT; path=/ PugT=1620340317; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:31:57 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:31:57 GMT; path=/
X-lat
amspug015:0:411
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 06 May 2021 22:31:59 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=BTsXeaJtpCtTTSyY7ypCWw2n; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=BTsXeaJtpCtTTSyY7ypCWw2n
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 9CB6 		42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 06 May 2021 22:31:58 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=db462514870f05c595989ab940aa9bbb81620340318; expires=Sat, 05-Jun-21 22:31:58 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
09e5683a0900002bf21c901000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64b5a97009b12bf2-FRA
Pug
simage2.pubmatic.com/AdServer/ Frame 512C
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C0B8DCA6-4544-4BC6-B95F-C7A276B84852; KRTBCOOKIE_1101=23040-6959308665611614348; PUBMDCID=3; KRTBCOOKIE_218=22978-YJRuWwAAziE1gwA4&KRTB&23194-YJRuWwAAziE1gwA4&KRTB&23209-YJRuWwAAziE1gwA4&KRTB&23244-YJRuWwAAziE1gwA4; KRTBCOOKIE_391=22924-4232242844760825305&KRTB&23263-4232242844760825305; KRTBCOOKIE_22=14911-4566350889066153267; KRTBCOOKIE_377=6810-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d&KRTB&22918-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d&KRTB&23031-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d; KRTBCOOKIE_336=5844-1514147791061770928; KRTBCOOKIE_699=22727-AABt9E7BKN0AADEs5oZmag; KRTBCOOKIE_153=1923-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji&KRTB&19420-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji&KRTB&22979-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji; KRTBCOOKIE_57=22776-9016660716835022949; PugT=1620340317; KRTBCOOKIE_80=16514-CAESEFnvxqKmN8vMjY9dRB3MP4I&KRTB&22987-CAESEFnvxqKmN8vMjY9dRB3MP4I&KRTB&23025-CAESEFnvxqKmN8vMjY9dRB3MP4I; KRTBCOOKIE_188=3189-3bca5b9b-e212-4741-b3b1-79260df8c15d-60946e5c-4348; chkChromeAb67Sec=2; DPSync3=1621468800%3A201_227_219_197_232_226_221%7C1620345600%3A174; SyncRTB3=1621468800%3A81_165_189_222_55_230_71_166_88_204_234_54_8_161_7_56_22_3_99_21_13_220_176%7C1620864000%3A67_15_2_223%7C1621555200%3A35%7C1621123200%3A63%7C1622851200%3A203; SPugT=1620340317; KRTBCOOKIE_409=22966-BTsXeaJtpCtTTSyY7ypCWw2n
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:31:59 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-lat
lhrpug005:2:199
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Encoding
gzip

Redirect headers

set-cookie
viewer_token=2a320b86-1d7e-4ef3-a77c-980466374f7f; path=/; domain=csync.loopme.me; Expires=Sun, 06-Jun-2021 22:31:59 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Thu, 06 May 2021 22:31:59 GMT
server
_
i.match
s.tribalfusion.com/z/ Frame ADAB
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=acnoeUr2PKsFuYnT0tHZbQoSsmW1Hm6kWRSqfmhuZd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 06 May 2021 22:31:59 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=defb23a232218a82f9c17bae5aa7cd09d1620340318; expires=Sat, 05-Jun-21 22:31:58 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aXnsIHOZb3VhUEjUAvMikd35rZb7qxatKYl5VcmhgsNnI7r94lIKPZbBCf75qAwZdlsU2O8BmZaUVYujxII3DQSUZdkVcb; path=/; domain=.tribalfusion.com; expires=Wed, 04-Aug-2021 22:31:59 GMT; SameSite=None; Secure; ANON_ID_old=aXnsIHOZb3VhUEjUAvMikd35rZb7qxatKYl5VcmhgsNnI7r94lIKPZbBCf75qAwZdlsU2O8BmZaUVYujxII3DQSUZdkVcb; path=/; domain=.tribalfusion.com; expires=Wed, 04-Aug-2021 22:31:59 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
09e5683ac500004e32c18a6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64b5a9713c8a4e32-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 06 May 2021 22:31:58 GMT
content-type
text/html
set-cookie
__cfduid=defb23a232218a82f9c17bae5aa7cd09d1620340318; expires=Sat, 05-Jun-21 22:31:58 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=acnoeUr2PKsFuYnT0tHZbQoSsmW1Hm6kWRSqfmhuZd; path=/; domain=.tribalfusion.com; expires=Wed, 04-Aug-2021 22:31:58 GMT; SameSite=None; Secure; ANON_ID_old=acnoeUr2PKsFuYnT0tHZbQoSsmW1Hm6kWRSqfmhuZd; path=/; domain=.tribalfusion.com; expires=Wed, 04-Aug-2021 22:31:58 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
296
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
09e5683a1200004e32d981b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64b5a97019f04e32-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame AF10
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=UooWvvXuhaFT&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=UooWvvXuhaFT&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C0B8DCA6-4544-4BC6-B95F-C7A276B84852; KRTBCOOKIE_1101=23040-6959308665611614348; PUBMDCID=3; KRTBCOOKIE_218=22978-YJRuWwAAziE1gwA4&KRTB&23194-YJRuWwAAziE1gwA4&KRTB&23209-YJRuWwAAziE1gwA4&KRTB&23244-YJRuWwAAziE1gwA4; KRTBCOOKIE_391=22924-4232242844760825305&KRTB&23263-4232242844760825305; KRTBCOOKIE_22=14911-4566350889066153267; KRTBCOOKIE_377=6810-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d&KRTB&22918-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d&KRTB&23031-6f5b57e8-58b1-4c2f-8ab8-4329b8f9ea3d; SPugT=1620340315; KRTBCOOKIE_336=5844-1514147791061770928; KRTBCOOKIE_699=22727-AABt9E7BKN0AADEs5oZmag; KRTBCOOKIE_153=1923-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji&KRTB&19420-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji&KRTB&22979-_TGlzP1kqcHmN6uZ82Sxnv83pcjmM_-c_mVkFtji; KRTBCOOKIE_57=22776-9016660716835022949; PugT=1620340317; KRTBCOOKIE_80=16514-CAESEFnvxqKmN8vMjY9dRB3MP4I&KRTB&22987-CAESEFnvxqKmN8vMjY9dRB3MP4I&KRTB&23025-CAESEFnvxqKmN8vMjY9dRB3MP4I; KRTBCOOKIE_188=3189-3bca5b9b-e212-4741-b3b1-79260df8c15d-60946e5c-4348; chkChromeAb67Sec=2; DPSync3=1621468800%3A201_227_219_197_232_226_221%7C1620345600%3A174; SyncRTB3=1621468800%3A81_165_189_222_55_230_71_166_88_204_234_54_8_161_7_56_22_3_99_21_13_220_176%7C1620864000%3A67_15_2_223%7C1621555200%3A35%7C1621123200%3A63%7C1622851200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:31:58 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:31:58 GMT; path=/
X-lat
lhrpug006:0:400
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-stage-0
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=UooWvvXuhaFT;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 01-May-2022 22:31:58 GMT;Max-Age=31104000;SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=UooWvvXuhaFT&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 05F6
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 06 May 2021 22:32:00 GMT
via
1.1 varnish
x-served-by
cache-fra19146-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1620340320.397803,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 06-May-2022 22:32:00 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 06 May 2021 22:32:00 GMT
via
1.1 varnish
x-served-by
cache-fra19146-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1620340320.302544,VS0,VE57
x-vcl-time-ms
57
content-length
0
mw
mwzeom.zeotap.com/ Frame 4E74
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C0B8DCA6-4544-4BC6-B95F-C7A276B84852
  • https://spl.zeotap.com/?zdid=1332&zcluid=8907b3e4e0470fbc
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fc5091d7-b5c5-4a0f-5bcb-b45c6c516076&reqId=f6ed399e-2e51-4b1d-4103-e7de95b209a7&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fc5091d7-b5c5-4a0f-5bcb-b45c6c516076&reqId=f6ed399e-2e51-4b1d-4103-e7de95b209a7&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENdGeAPejHuFgdlkSIeviD4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fc5091d7-b5c5-4a0f-5bcb-b45c6c516076&reqId=f6ed399e-2e51-4b1d-4103-e7d...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESENdGeAPejHuFgdlkSIeviD4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fc5091d7-b5c5-4a0f-5bcb-b45c6c516076&reqId=f6ed399e-2e51-4b1d-4103-e7de95b209a7&zcluid=8907b3e4e0470fbc&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64b5a97a1b1d4e1f-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e568404e00004e1f2c837000000001

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESENdGeAPejHuFgdlkSIeviD4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fc5091d7-b5c5-4a0f-5bcb-b45c6c516076&reqId=f6ed399e-2e51-4b1d-4103-e7de95b209a7&zcluid=8907b3e4e0470fbc&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 4E74
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
0
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:01 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 06 May 2021 22:31:29 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 06 May 2021 22:31:28 GMT
/
loadm.exelator.com/load/ Frame 4E74
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Thu, 06 May 2021 22:32:00 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=C0B8DCA6-4544-4BC6-B95F-C7A276B84852&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 4E74
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzBCOERDQTYtNDU0NC00QkM2LUI5NUYtQzdBMjc2Qjg0ODUy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:31:57 GMT
X-lat
amspug010:0:359
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:31:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4E74
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3005018923156814124
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3005018923156814124
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:00 GMT
X-lat
lhrpug009:0:357
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:00 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.142:80
AN-X-Request-Uuid
1a478c5d-e75f-4834-9a48-e0ed2c9e9ff8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3005018923156814124
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4E74
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:00 GMT
X-lat
lhrpug009:0:624
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
date
Thu, 06 May 2021 22:32:00 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
abt
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:31:58 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
enqueue
stats-api.bannersnack.com/v1/ Frame 3C99 		20 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-api.bannersnack.com/v1/enqueue
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5b39e6bc8c914a4c1a02fb556f0c84e2b4baa4d45c04a00039e4548da480574d

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 06 May 2021 22:31:59 GMT
via
1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amzn-requestid
752a4545-0294-43ba-9632-34c8d9d67c3d
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60946e5f-2537a93b33846d9f194a0582
x-amz-apigw-id
e7Yu9EZyoAMF_3A=
content-length
20
x-amz-cf-id
JUgd9GHMWlDp2sUOTCTEgZU92DjtuczcIt4qLmPTj-bw3TidgV6isA==
enqueue
stats-api.bannersnack.com/v1/ Frame 65E5 		20 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-api.bannersnack.com/v1/enqueue
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5b39e6bc8c914a4c1a02fb556f0c84e2b4baa4d45c04a00039e4548da480574d

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 06 May 2021 22:31:59 GMT
via
1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amzn-requestid
6a0d0ca6-1645-44af-9367-1a94f5dab652
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60946e5f-170de5392956d9bb631ce410
x-amz-apigw-id
e7Yu9EWtoAMFipg=
content-length
20
x-amz-cf-id
m7NO-48sEiyv7hwoiikwVZVXaiSV_wYexswjPhrYpD6n6LJRXMcC1g==
enqueue
stats-api.bannersnack.com/v1/ Frame 83D0 		20 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-api.bannersnack.com/v1/enqueue
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5b39e6bc8c914a4c1a02fb556f0c84e2b4baa4d45c04a00039e4548da480574d

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 06 May 2021 22:31:59 GMT
via
1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amzn-requestid
6450f60a-df20-4f42-ba2d-8908f4004713
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60946e5f-1e63879726624b7728660af6
x-amz-apigw-id
e7Yu9FbcoAMFY9g=
content-length
20
x-amz-cf-id
pddoFf8GIBzKVfg2xhsTkzSrUA2Seu4BhtPo84aKybywvftqhhgHug==
enqueue
stats-api.bannersnack.com/v1/ Frame 87E7 		20 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-api.bannersnack.com/v1/enqueue
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5b39e6bc8c914a4c1a02fb556f0c84e2b4baa4d45c04a00039e4548da480574d

Request headers

Referer
https://live-tag.bannersnack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 06 May 2021 22:31:59 GMT
via
1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amzn-requestid
796e6d33-40e9-4024-9b59-05e7c89fb89b
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60946e5f-546fe53531d6eeee5ca8aff5
x-amz-apigw-id
e7Yu9HlFIAMFRFg=
content-length
20
x-amz-cf-id
BfSkmpnelm27V8NWYelR_8FWx0pwxDtUa8pHRBk_rN1ldJwbGuK7zQ==
st
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:32:01 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8CE8 		42 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3154W26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpAJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3WzkggAlTQrnpSB-4Sn9XKgcpT-AlHypwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=fZPmrJobJ8k&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=videoplaytime25&ad_mt=4948&acvw=sv%3D894%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26tos%3D5478,0,0,0,0%26mtos%3D5478,5478,5478,5478,5478%26amtos%3D0,0,0,0,0%26mcvt%3D5478%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5478%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1330%26pst%3D554%26dur%3D19017%26vmtime%3D4948%26dtos%3D3385%26dtoss%3D2%26dvs%3D3385%26dfvs%3D3385%26dvpt%3D3385%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5478,5478,5478,5478,5478%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D29,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26ptlt%3D1620340321838%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5478&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1620340315545&sdkv=h.3.454.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3MzExNDk0NDcxMTIMNTE4MDU1MjUxOTcwQNwCUiAQDyUAAMBBKAE6B3Vua25vd25CB3Vua25vd25I1ARQABgB
Requested by
Host: start.mybluelight.com
URL: https://start.mybluelight.com/start/sp.do?cf=EOW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aq
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/aq?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:32:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
pv
track.mybluelight.com/s/ 		43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.mybluelight.com/s/pv?s=999999&a=sp&p=donesp2017&d=null&i=1F3222E8A11175331BA7DE112A7118F2.VGS-AS04&cf=EOW&srt=54000994&crt=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
64.136.45.33 , United States, ASN13446 (AS-NETZERO, US),
Reverse DNS
track.dca.mybluelight.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked
P3P
policyref="http://www.mybluelight.com/common/w3c/bluelight.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND PHY ONL UNI FIN COM NAV INT DEM PRE LOC"
Cache-Control
no-cache,post-check=0,pre-check=0
X-User
Content-Type
image/gif
Expires
0
syncframe
gum.criteo.com/ Frame 315E 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=start.mybluelight.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=start.mybluelight.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1563
date
Thu, 06 May 2021 22:32:01 GMT
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db19328dc1a4880732e831fe19e72a132b989ba777d221521d766e93172c1376
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 May 2021 22:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7597
x-xss-protection
0
Cookie set beacon
ap.lijit.com/ Frame 43F3 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13392629&uid=united_online
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
c76775dea2af7bbf373076de2864a319e917e18d219923ddcf1125777af28878

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://start.mybluelight.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_ljtrtb_56=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003; ljt_reader=75dceddf9fb94857879a4914; ljtrtbexp=eJyrVrIwUbIyNDMyNDWxtDQ01lGyMEXlm5qh8g0NUPkmxsj8WgCbkRBY; ljtrtb=eJwVy9EKgjAUgOF32XWDs52dudOdmiEoYVIg3YRuGhFhYdBF9O6t6%2F%2F7P4KsWIu2k8SjDn5giWy8NGpi2fuB5DQ6PRAFrShIABQr4Uxc%2FNoEZWFyAdgyWkqo1yZScB6VJ%2BK%2FpCjTNHtxkWTVDtJ0Uyw0n%2B79JVaDsUKz3Y8hv3XloWZlFny2RcU1Hkus3Xt%2BgO2ac3LNxfcHoass2g%3D%3D; _ljtrtb_10=1871878969834174420
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxdkDkOwzAMBP%2BiOgXvI18z%2FHfLdoCAWw4l7Q51LF5fDiGTSJHPkgfZrfvGiMk6MXmyE8GECRgK8i2gNuebuzvnjT0pyACpgo4Cy7I%2Fs252YMgTfA9G8nPWUn845w4Keaazzxp%2BLea54740jc4LWnFVsQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:02 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJwVy9EKgjAUgOF32XWDs52dudOdmiEoYVIg3YRuGhFhYdBF9O6t6%2F%2F7P4KsWIu2k8SjDn5giWy8NGpi2fuB5DQ6PRAFrShIABQr4Uxc%2FNoEZWFyAdgyWkqo1yZScB6VJ%2BK%2FpCjTNHtxkWTVDtJ0Uyw0n%2B79JVaDsUKz3Y8hv3XloWZlFny2RcU1Hkus3Xt%2BgO2ac3LNxfcHoass2g%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:02 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=75dceddf9fb94857879a4914;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap7ams1
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 06 May 2021 22:32:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8880 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.mybluelight.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.mybluelight.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 06 May 2021 18:55:17 GMT
expires
Fri, 06 May 2022 18:55:17 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
13005
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8CE8 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3154W26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpAJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3WzkggAlTQrnpSB-4Sn9XKgcpT-AlHypwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=fZPmrJobJ8k&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=video_skip_shown&ad_mt=5199&acvw=sv%3D894%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26p0%3D585,516,838,966%26p1%3D585,516,838,966%26tos%3D5728,0,0,0,0%26mtos%3D5728,5728,5728,5728,5728%26amtos%3D0,0,0,0,0%26mtos1%3D5478,0,0%26mcvt%3D5728%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5728%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1537%26pst%3D554%26dur%3D19017%26vmtime%3D5199%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D250,250,250,250,250%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D30%26emuc%3D0%26emb%3D30,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D1620340322089%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5728%26ss0%3D0.05%26ss1%3D0.05&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.05%26t%3D1620340315545&sdkv=h.3.454.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3MzExNDk0NDcxMTIMNTE4MDU1MjUxOTcwQNwCUiAQDyUAAMBBKAE6B3Vua25vd25CB3Vua25vd25I1ARQABgB
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
h4bqBfzbNhyfW_h1rVmWXBQaJ_zHuZxkYqdqs1GA3F4.js
pagead2.googlesyndication.com/bg/ Frame 8880 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/h4bqBfzbNhyfW_h1rVmWXBQaJ_zHuZxkYqdqs1GA3F4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8786ea05fcdb361c9f5bf875ad59965c141a27fcc7b99c6462a76ab35180dc5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 16:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
194017
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
expires
Wed, 04 May 2022 16:38:25 GMT
merge
ce.lijit.com/ Frame 43F3
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=75dceddf9fb94857879a4914/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=75dceddf9fb94857879a4914/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=570137fbd57db8fc31612670fa0c36ce&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=570137fbd57db8fc31612670fa0c36ce&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=570137fbd57db8fc31612670fa0c36ce&gdpr=0&gdpr_consent=
cache-control
no-cache
x-server
10.45.25.48
content-length
0
expires
0
reporting
ap.lijit.com/dsp/google/ Frame 43F3
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NzVkY2VkZGY5ZmI5NDg1Nzg3OWE0OTE0
  • https://ap.lijit.com/dsp/google/reporting
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 43F3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=yk5KnuSNyFBd&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=yk5KnuSNyFBd&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=yk5KnuSNyFBd&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-vkc5h
expires
-1
merge
ce.lijit.com/ Frame 43F3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=3005018923156814124&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=3005018923156814124&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid
c348b2c5-b255-4553-ba92-0dbc2069c47a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=3005018923156814124&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 43F3 		45 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=75dceddf9fb94857879a4914&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 06 May 2021 22:32:02 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 06 May 2021 22:32:02 GMT
merge
ce.lijit.com/ Frame 43F3
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1620340322135&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=92A3FB32CF24423295B57FEF7DADC14C
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=92A3FB32CF24423295B57FEF7DADC14C
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 06 May 2021 22:32:02 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=92A3FB32CF24423295B57FEF7DADC14C
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 05 May 2021 22:32:02 GMT
merge
ce.lijit.com/ Frame 43F3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:01 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 43F3
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NzVkY2VkZGY5ZmI5NDg1Nzg3OWE0OTE0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NzVkY2VkZGY5ZmI5NDg1Nzg3OWE0OTE0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 06 May 2021 22:32:02 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NzVkY2VkZGY5ZmI5NDg1Nzg3OWE0OTE0
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 43F3
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=75dceddf9fb94857879a4914&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=577306398447
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=577306398447
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://ce.lijit.com/merge?pid=66&3pid=577306398447
merge
ce.lijit.com/ Frame 43F3
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=reLeMpMclYqpO0dbclZB&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=reLeMpMclYqpO0dbclZB&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:03 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=reLeMpMclYqpO0dbclZB&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT, Thu, 06 May 2021 22:32:03 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
rtb.mfadsrvr.com/ Frame 43F3 		0
0
cm
p.rfihub.com/ Frame 43F3 		0
0
generic
data.adsrvr.org/track/cmf/ Frame 43F3 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame 43F3
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=KODGSI2V-1S-AOYY&gdpr=0
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=KODGSI2V-1S-AOYY&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:05 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=KODGSI2V-1S-AOYY&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
merge
ce.lijit.com/ Frame 43F3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=75dceddf9fb94857879a4914&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Thu, 06 May 2021 22:31:30 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 06 May 2021 22:31:29 GMT
merge
ce.lijit.com/ Frame 43F3
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=KODGSI2V-1S-AOYY&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=KODGSI2V-1S-AOYY&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:04 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=80&3pid=KODGSI2V-1S-AOYY&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
merge
ce.lijit.com/ Frame 43F3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=19f1618b-fd29-4fd8-9321-db36db1f52b1
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk283b88e3-c228-40ed-a42f-850e5680a19b&expires=7&user_group=5&ssp=fmx&bsw_param=19f1618b-fd29-4fd8-9321-db36db1f52b1
  • https://ce.lijit.com/merge?pid=26&3pid=19f1618b-fd29-4fd8-9321-db36db1f52b1
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=19f1618b-fd29-4fd8-9321-db36db1f52b1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:03 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=19f1618b-fd29-4fd8-9321-db36db1f52b1
date
Thu, 06 May 2021 22:32:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
iu3
aax-eu.amazon-adsystem.com/s/ Frame 43F3
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D90 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=76166
Expires
Fri, 07 May 2021 19:41:29 GMT
Date
Thu, 06 May 2021 22:32:03 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0115 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=76166
Expires
Fri, 07 May 2021 19:41:29 GMT
Date
Thu, 06 May 2021 22:32:03 GMT
Connection
keep-alive
Vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 6C81
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...
776 B
777 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
a2be4d1e700eaf4328549b773d1f9c6345dfafd916614b47c4a9ed40d28bd023

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=f9485278-69b7-0b01-0f01-b10f97f9490f|1620340322
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=f9485278-69b7-0b01-0f01-b10f97f9490f|1620340322; Version=1; Expires=Fri, 06-May-2022 22:32:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620340322|gekin0vNiygu; Version=1; Expires=Fri, 21-May-2021 22:32:02 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 06 May 2021 22:32:02 GMT
content-type
text/html
content-length
474
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=f9485278-69b7-0b01-0f01-b10f97f9490f|1620340322; Version=1; Expires=Fri, 06-May-2022 22:32:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
date
Thu, 06 May 2021 22:32:02 GMT
content-length
0
via
1.1 google
alt-svc
clear
Cookie set merge
ce.lijit.com/ Frame 6631
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=4271185589018318154&gdpr=0&gdpr_consent=
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=4271185589018318154&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_ljtrtb_56=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003; ljt_reader=75dceddf9fb94857879a4914; ljtrtb=eJwVy9EKgjAUgOF32XWDs52dudOdmiEoYVIg3YRuGhFhYdBF9O6t6%2F%2F7P4KsWIu2k8SjDn5giWy8NGpi2fuB5DQ6PRAFrShIABQr4Uxc%2FNoEZWFyAdgyWkqo1yZScB6VJ%2BK%2FpCjTNHtxkWTVDtJ0Uyw0n%2B79JVaDsUKz3Y8hv3XloWZlFny2RcU1Hkus3Xt%2BgO2ac3LNxfcHoass2g%3D%3D; _ljtrtb_10=1871878969834174420; ljtrtbexp=eJxdkDkOwzAMBP%2BiOgXvI18z%2FHfLdoCAWw4l7Q51LF5fDiGTSJHPkgfZrfvGiMk6MXmyE8GECRgK8i2gNuebuzvnjT0pyACpgo4Cy7I%2Fs252YMgTfA9G8nPWUn845w4Keaazzxp%2BLea54740jc4LWnFVsQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:02 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_10=1871878969834174420;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_56=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJwVzEFrwzAMhuH%2F4vMMsiXZVm9plxFIGFnYIOxSEjsZpYxsZNBD2X%2BfBro976e74WAOZhgty%2BJLnsWiULbkVrFTntmuS%2FIzc%2FGOiwVA82AS6SQfqLgAayogQTBw5MmTppAyusws%2FyVrWVXHH6njsX2Gqnqsd97eP6cPVQeqLkW9pD8SkotEHpQIlaB%2FelnK6To2r5042vF7qFvp8K3BLt22Lwhjf46Xk%2Fn9Ay7CMho%3D;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:02 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_1=4271185589018318154;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:02 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxdkDkOwzAMBP%2BiOgXvI18z%2FHfLdoCAWw4l7Q51LF5fDiGTSJHPkgfZrfvGiMk6MXmyE8GECRgK8i2gNuebuzvnjT0pyACpgo4Cy7I%2Fs252YMgTfA9G8nPWUn845w4Keaazzxp%2BLea54740jc4LWnFVsQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:02 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=75dceddf9fb94857879a4914;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=4271185589018318154; Domain=.turn.com; Expires=Tue, 02-Nov-2021 22:32:02 GMT; Path=/; Secure; SameSite=None
location
https://ce.lijit.com/merge?pid=1&3pid=4271185589018318154&gdpr=0&gdpr_consent=
content-length
0
date
Thu, 06 May 2021 22:32:01 GMT
0608867b
rtb.gumgum.com/usync/ Frame 7C0E 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13392629&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d848b8739fca8cb05a91f34fa152719ad035b7a7caf7ffe45953d447e8818495

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

date
Thu, 06 May 2021 22:32:02 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"0ae6151925d2fc96f1d7a7ad494dc1cc5"
timing-allow-origin
*
content-encoding
gzip
usersync
rtb.gumgum.com/ Frame 7C0E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=3005018923156814124
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=3005018923156814124
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid
a515eb70-89ab-4d67-83c4-63f3ba6a76a4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=3005018923156814124
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7C0E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2ec6d0c9-dee6-42bb-8480-72adfb575022&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2ec6d0c9-dee6-42bb-8480-72adfb575022&gdpr=0&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5197838155464045137&ssp=gumgum2
  • https://rtb.gumgum.com/usersync?b=bsw&i=19f1618b-fd29-4fd8-9321-db36db1f52b1
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=19f1618b-fd29-4fd8-9321-db36db1f52b1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=19f1618b-fd29-4fd8-9321-db36db1f52b1
date
Thu, 06 May 2021 22:32:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie-sync
sync.outbrain.com/ Frame 7C0E
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28oXeZ44Hb-1X3rVLjfMJ_f567piNoixkJHYP8p0g0DmnPPIeBC86EPofXGBpnLokf%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_2ec6d0c9-dee6-42bb-8480-72adfb575022&obuid=ENC(oXeZ44Hb-1X3rVLjfMJ_f567piNoixkJHYP8p0g0DmnPPIeBC86EPofXGBpnLokf)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=oXeZ44Hb-1X3rVLjfMJ_f567piNoixkJHYP8p0g0DmnPPIeBC86EPofXGBpnLokf
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=oXeZ44Hb-1X3rVLjfMJ_f567piNoixkJHYP8p0g0DmnPPIeBC86EPofXGBpnLokf
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=oXeZ44Hb-1X3rVLjfMJ_f567piNoixkJHYP8p0g0DmnPPIeBC86EPofXGBpnLokf
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:05 GMT
Cache-Control
no-cache
X-TraceId
b056f357df1365094485beafea993faf
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:05 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.53:80
AN-X-Request-Uuid
42e37d0d-6b7d-4389-bd92-be656e27ac18
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=oXeZ44Hb-1X3rVLjfMJ_f567piNoixkJHYP8p0g0DmnPPIeBC86EPofXGBpnLokf
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7C0E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=ddd9c951-e825-0ca0-32ac-690a3b8e7bb4
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=ddd9c951-e825-0ca0-32ac-690a3b8e7bb4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 06 May 2021 22:32:02 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=ddd9c951-e825-0ca0-32ac-690a3b8e7bb4
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 7C0E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-128a0db3-6ccc-4ba7-6422-fa136f425730$ip$91.132.136.84
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-128a0db3-6ccc-4ba7-6422-fa136f425730$ip$91.132.136.84
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-128a0db3-6ccc-4ba7-6422-fa136f425730$ip$91.132.136.84
Date
Thu, 06 May 2021 22:32:03 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 7C0E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-xtoBfWRE2pfHDg8wUeeETnEohv9V0iF38jwv~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-xtoBfWRE2pfHDg8wUeeETnEohv9V0iF38jwv~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 06 May 2021 22:32:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-xtoBfWRE2pfHDg8wUeeETnEohv9V0iF38jwv~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7C0E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=e1a06f38-aeba-11eb-bc02-c149ea2be043
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=e1a06f38-aeba-11eb-bc02-c149ea2be043
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=e1a06f38-aeba-11eb-bc02-c149ea2be043
Date
Thu, 06 May 2021 22:32:03 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
e1a06f39-aeba-11eb-bc02-c149ea2be043
services
sync.technoratimedia.com/ Frame 7C0E 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:07 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
265591685
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 7C0E 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:01 GMT
content-length
0
server
a
/
b1sync.zemanta.com/usersync/gumgum/ Frame 7C0E 		0
0
usersync
rtb.gumgum.com/ Frame 7C0E
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=aabe7e09-fbbe-4f42-b8da-afaf14bbc01d
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=aabe7e09-fbbe-4f42-b8da-afaf14bbc01d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=aabe7e09-fbbe-4f42-b8da-afaf14bbc01d
date
Thu, 06 May 2021 22:32:02 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pug
simage2.pubmatic.com/AdServer/ Frame 7C0E
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8502742850
  • https://sync.1rx.io/usersync/tradedesk/22fe8aa1-4f8a-4049-8a52-8b2373e884a9
  • https://sync.targeting.unrulymedia.com/csync/RX-4f743916-283d-4466-931d-bfbcacf76400-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4f743916-283d-4466-931d-bfbcacf76400-003
42 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4f743916-283d-4466-931d-bfbcacf76400-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:05 GMT
X-lat
lhrpug016:0:537
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4f743916-283d-4466-931d-bfbcacf76400-003
date
Thu, 06 May 2021 22:32:03 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4f743916283d4466931dbfbcacf76400003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 7C0E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=yk5KnuSNyFBd&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=yk5KnuSNyFBd&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=yk5KnuSNyFBd&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-vkc5h
expires
-1
merge
ce.lijit.com/ Frame 7C0E 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 9F1D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 06 May 2021 22:32:02 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Thu, 06 May 2021 22:31:30 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3709 11aaa92 master cdg-pixel-x29
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
Expires
Thu, 06 May 2021 22:31:29 GMT
usersync
rtb.gumgum.com/ Frame 9E2F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YJRuYgAAxwC5uwAC
  • https://rtb.gumgum.com/usersync?b=atm&i=YJRuYgAAxwC5uwAC&gdpr=0&gdpr_consent=&_test=YJRuYgAAxwC5uwAC
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YJRuYgAAxwC5uwAC&gdpr=0&gdpr_consent=&_test=YJRuYgAAxwC5uwAC
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YJRuYgAAxwC5uwAC&gdpr=0&gdpr_consent=&_test=YJRuYgAAxwC5uwAC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 06 May 2021 22:32:02 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YJRuYgAAxwC5uwAC&gdpr=0&gdpr_consent=&_test=YJRuYgAAxwC5uwAC
accept-ranges
bytes
date
Thu, 06 May 2021 22:32:02 GMT
via
1.1 varnish
x-served-by
cache-hhn4052-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1620340322.474776,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 083C 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZWM2ZDBjOS1kZWU2LTQyYmItODQ4MC03MmFkZmI1NzUwMjI=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZWM2ZDBjOS1kZWU2LTQyYmItODQ4MC03MmFkZmI1NzUwMjI=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmCbz2BOiMh3EY3LIZw-Al1aNQ0XPQJSaEcBXU1eOEV1GprgbkFKhSLVqEMjZA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Thu, 06 May 2021 22:32:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CA10 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=76166
Expires
Fri, 07 May 2021 19:41:29 GMT
Date
Thu, 06 May 2021 22:32:03 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame D77E 		0
0
usersync
rtb.gumgum.com/ Frame 7685
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=22fe8aa1-4f8a-4049-8a52-8b2373e884a9&t=1622932322
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=22fe8aa1-4f8a-4049-8a52-8b2373e884a9&t=1622932322
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=22fe8aa1-4f8a-4049-8a52-8b2373e884a9&t=1622932322
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 06 May 2021 22:32:02 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Thu, 06 May 2021 22:32:02 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=22fe8aa1-4f8a-4049-8a52-8b2373e884a9&t=1622932322
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=22fe8aa1-4f8a-4049-8a52-8b2373e884a9; domain=.adsrvr.org; expires=Fri, 06-May-2022 22:32:02 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwia9-SBsLrIORAFOAE.; domain=.adsrvr.org; expires=Fri, 06-May-2022 22:32:02 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 6F3A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Thu, 06 May 2021 22:32:01 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 7DB5
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YJRua8Co5ucAAL3g7O0AAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YJRua8Co5ucAAL3g7O0AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YJRua8Co5ucAAL3g7O0AAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 06 May 2021 22:32:11 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Thu, 06 May 2021 22:32:11 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YJRua8Co5ucAAL3g7O0AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YJRua8Co5ucAAL3g7O0AAAAA; path=/; expires=Sat, 6-May-23 22:32:11 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
2
X-SO-HostName
m-ad36.dc4p.scaleout.jp
X-SO-LB-Hostname
a-tgng40016.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":1,"gdpr":false,"ipv4":"91.132.136.84","key":"YJRua8Co5ucAAL3g7O0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad36"}
X-SO-Key
YJRua8Co5ucAAL3g7O0AAAAA
X-SO-IP
91.132.136.84
X-SO-Cluster-ID
1
X-SO-Upstream-ID
m-ad36
cm
p.rfihub.com/ Frame F307 		0
0
usersync
rtb.gumgum.com/ Frame 6069
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=reLeMpMclYqpO0dbclZB&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=reLeMpMclYqpO0dbclZB&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=reLeMpMclYqpO0dbclZB&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 06 May 2021 22:32:03 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Thu, 06 May 2021 22:32:03 GMT Thu, 06 May 2021 22:32:03 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=reLeMpMclYqpO0dbclZB&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
merge
ce.lijit.com/ Frame 6C81 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=460ab3e1-2a84-0efb-126b-cf418b6f45a0&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:02 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6C81
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 06 May 2021 22:31:30 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 06 May 2021 22:31:29 GMT
sd
us-u.openx.net/w/1.0/ Frame 6C81
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=5RtlfeVOanv-Hmwv50pxf7ESay_-Tm9x4hJtgty3
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=5RtlfeVOanv-Hmwv50pxf7ESay_-Tm9x4hJtgty3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=5RtlfeVOanv-Hmwv50pxf7ESay_-Tm9x4hJtgty3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6C81
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3376588916070258701
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3376588916070258701
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3376588916070258701
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 6C81 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=2ae46d21-c030-34f6-55d7-79e7f3de7af2&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.69.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6C81 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDY4YmJlZWItMDk0Ny02YTUyLTQwMzctMjM1ZTM5M2NiNDky
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6C81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPJlx9moQMKuPzvSg17di-s&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPJlx9moQMKuPzvSg17di-s&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPJlx9moQMKuPzvSg17di-s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=3830630729570559&bg=!y8ilyIzNAAYP3QOmD907ACkAdvg8WqYf7HOy_3sY7-b9Vh-HPa_zHmbN1rjRnl37H86hprbZxpw10wIAAADSUgAAAAxoAQcKAO3q2JnMc7E72_MtVX--gvUFMpcihEaU0bOXa4J40L23KZHWRquwKAQQy3Y4n1C7MBQ4w2hWVk-3jotJaCJM1umABziyZ2Ly_tUhQFWaiq_A1zCcCHPOEKp7h0aVPj6w-cVUZBogKyYq3PG5QD_FO9Kd_EAAYnwjxzW_IULQWilL58B_EwT8xrlSgZ0OI51OZkE-UiXXyUugvG5DmIdsOejWJBXGwiKgNmyk7-r57AaIc1NL9hTcJT2cJendsrADpIQYBBVvPrCYG451G0Cjz1DrEb2mqWSg2K2t9DdzJBY-IHLazcBvCvQXH9SuCayZAkASH-PpRZEuSUHOvYnvnZJ2PqIqz-8GQcewLSZeVcMO0b9PZ1_h-bIe8IgRnnW-c2GfrFBlRkDHiGcMDKPZeo0LrYgnzLAKmM90SMGJDmfhUJ3AyW2TWus7BaivIvT30Hc3vqlzebYl9nn3bQ2eDEJJFzCR_2G0Cdp1xVbqSQuc-rF5yxuqvEeKXlD62Obk9wdm3ut74PgM-18CZbDv8RuMOYS9RxsNAGMFv4n4F-3lLO-vpGaSiDB0mm3cJeh5IeSoQL-_1qWpacYsvS8-7NmZ8UvHk1Fp4HU5H0M8NlbS-IiiQVWMmWbtUdzvKQaM56UMhw2UwZVWoXKd1gdBtxa1ZRfvnj5YY2K385MPiOnCiosb34wIKY2OGcdSoWAEMYpKeSPfZW7AjpyPy4MCto9ry9ORwQSzr53hAAJ86jfmhpFTXd0dO6CO4MZfdXVaMAeQhmpIfmAQ-RoulXGthIC5GBuL1mDomjSJIFXZumvFkd4jKODIwcrALji5ZUOsuE7MUOG7hLV9a4n1JB2qnKj4zc23XWM-1bGeFszjtKsKP79Pwzj_Q6IVPKslg09U5XSkd6mHl3SWyPqL2qNwH9WiZnxs1eZ_wp4XZjUZEd7tDnvOhcFRssYgSPv0km9_B2HBRGSQgU8QwhxkxqQd-xdilFspQFAGDYij6sKJiAVITNqgUhTWP6kz86mJnBk24mdmPwiRLI7_zMMZfCygWIFI4J5mdTATqPmlfENSVbggXBQtuDft8erAjgmLdvrjM1I
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8040 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=89897
Expires
Fri, 07 May 2021 23:30:20 GMT
Date
Thu, 06 May 2021 22:32:03 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame A685 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=89897
Expires
Fri, 07 May 2021 23:30:20 GMT
Date
Thu, 06 May 2021 22:32:03 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3699 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=89897
Expires
Fri, 07 May 2021 23:30:20 GMT
Date
Thu, 06 May 2021 22:32:03 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 8040 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=51234348&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2b010f07350ac14e9ec84110aae837135b707f050f8fdcbfe70e60e690704662

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:02 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJZb53_1D563pdXQYHOPwLg&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJZb53_1D563pdXQYHOPwLg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:04 GMT
X-lat
amspug020:0:402
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJZb53_1D563pdXQYHOPwLg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 8040 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:03 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 05 May 2021 22:32:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5197838155464045137
42 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5197838155464045137
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:04 GMT
X-lat
lhrpug005:0:3207
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5197838155464045137
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame 2ACD 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 06 May 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1135
date
Thu, 06 May 2021 22:32:03 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 191B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5717983315047178940
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5717983315047178940
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321; chkChromeAb67Sec=1; DPSync3=1621468800%3A201_227_226_221; SyncRTB3=1620864000%3A223_67_15_2%7C1621123200%3A63%7C1621468800%3A189_230_176_222_21_13_165_55_220_81_88_161_99_22_204_56_3_8_234_54_7_71_166%7C1621555200%3A35%7C1622851200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:02 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-5717983315047178940; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:32:02 GMT; path=/ PugT=1620340322; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:32:02 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:02 GMT; path=/
X-lat
amspug005:0:390
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5717983315047178940
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=22fe8aa1-4f8a-4049-8a52-8b2373e884a9
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=22fe8aa1-4f8a-4049-8a52-8b2373e884a9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:05 GMT
X-lat
lhrpug011:0:424
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=22fe8aa1-4f8a-4049-8a52-8b2373e884a9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:04 GMT
X-lat
lhrpug016:0:654
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 06 May 2021 22:31:31 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 06 May 2021 22:31:30 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3005018923156814124&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3005018923156814124&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:03 GMT
X-lat
amspug013:0:293
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:04 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.76:80
AN-X-Request-Uuid
d00ad4e4-885e-4374-b742-9f936995b762
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3005018923156814124&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:04 GMT
X-lat
amspug009:0:430
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=6ba30be7-7b05-4d44-9517-42e5dbcb82af&ssp=pubmatic&user_group=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19f1618b-fd29-4fd8-9321-db36db1f52b1&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19f1618b-fd29-4fd8-9321-db36db1f52b1&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:05 GMT
X-lat
lhrpug010:0:485
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=19f1618b-fd29-4fd8-9321-db36db1f52b1&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 06 May 2021 22:32:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame D8D0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTlJFN0JLTjBBQURITERUM3Eydw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACNRE7BKN0AADHLDT3q2w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACNRE7BKN0AADHLDT3q2w&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACNRE7BKN0AADHLDT3q2w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4186993798339832025
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNRE7BKN0AADHLDT3q2w
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNRE7BKN0AADHLDT3q2w
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321; chkChromeAb67Sec=1; DPSync3=1621468800%3A201_227_226_221; SyncRTB3=1620864000%3A223_67_15_2%7C1621123200%3A63%7C1621468800%3A189_230_176_222_21_13_165_55_220_81_88_161_99_22_204_56_3_8_234_54_7_71_166%7C1621555200%3A35%7C1622851200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:03 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AACNRE7BKN0AADHLDT3q2w; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:32:03 GMT; path=/ PugT=1620340323; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:32:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:03 GMT; path=/
X-lat
amspug003:0:391
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Thu, 06 May 2021 22:32:04 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNRE7BKN0AADHLDT3q2w
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 72BB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959308699979610263
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959308699979610263
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321; chkChromeAb67Sec=1; DPSync3=1621468800%3A201_227_226_221; SyncRTB3=1620864000%3A223_67_15_2%7C1621123200%3A63%7C1621468800%3A189_230_176_222_21_13_165_55_220_81_88_161_99_22_204_56_3_8_234_54_7_71_166%7C1621555200%3A35%7C1622851200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:04 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6959308699979610263; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:32:04 GMT; path=/ PugT=1620340324; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:32:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:04 GMT; path=/
X-lat
lhrpug004:0:540
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 06 May 2021 22:32:04 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6959308699979610263; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959308699979610263
Pug
simage2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c9667447-5839-47b1-b2bd-e0735b0c1038&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c9667447-5839-47b1-b2bd-e0735b0c1038&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:05 GMT
X-lat
lhrpug011:0:376
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c9667447-5839-47b1-b2bd-e0735b0c1038&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 06 May 2021 22:32:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:03 GMT
X-lat
amspug014:0:321
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
bridge
cm.adgrx.com/ Frame 0FFC 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 06 May 2021 22:32:04 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 9D2A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2986547117
  • https://sync.1rx.io/usersync/tradedesk/22fe8aa1-4f8a-4049-8a52-8b2373e884a9
  • https://sync.targeting.unrulymedia.com/csync/RX-4f743916-283d-4466-931d-bfbcacf76400-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4f743916-283d-4466-931d-bfbcacf76400-003
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4f743916-283d-4466-931d-bfbcacf76400-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321; chkChromeAb67Sec=1; DPSync3=1621468800%3A201_227_226_221; SyncRTB3=1620864000%3A223_67_15_2%7C1621123200%3A63%7C1621468800%3A189_230_176_222_21_13_165_55_220_81_88_161_99_22_204_56_3_8_234_54_7_71_166%7C1621555200%3A35%7C1622851200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:04 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-RX-4f743916-283d-4466-931d-bfbcacf76400-003&KRTB&17107-RX-4f743916-283d-4466-931d-bfbcacf76400-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:04 GMT; path=/ PugT=1620340324; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:32:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:04 GMT; path=/
X-lat
lhrpug003:0:354
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 06 May 2021 22:32:03 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-4f743916-283d-4466-931d-bfbcacf76400-003%22%7D; path=/; expires=Fri, 06 May 2022 22:32:03 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4f743916-283d-4466-931d-bfbcacf76400-003
etag
RX4f743916283d4466931dbfbcacf76400003
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame AF34
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mJcndMYPjPKMJbAaaRGKWw2o
42 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mJcndMYPjPKMJbAaaRGKWw2o
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321; chkChromeAb67Sec=1; DPSync3=1621468800%3A201_227_226_221; SyncRTB3=1620864000%3A223_67_15_2%7C1621123200%3A63%7C1621468800%3A189_230_176_222_21_13_165_55_220_81_88_161_99_22_204_56_3_8_234_54_7_71_166%7C1621555200%3A35%7C1622851200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:03 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-mJcndMYPjPKMJbAaaRGKWw2o; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:32:03 GMT; path=/ PugT=1620340323; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:32:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:03 GMT; path=/
X-lat
amspug017:0:306
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 06 May 2021 22:32:03 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=mJcndMYPjPKMJbAaaRGKWw2o; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mJcndMYPjPKMJbAaaRGKWw2o
strict-transport-security
max-age=0; includeSubDomains;
Pug
simage2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3005018923156814124
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3005018923156814124
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:06 GMT
X-lat
lhrpug011:0:353
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:06 GMT
X-Proxy-Origin
91.132.136.84; 91.132.136.84; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid
b537ea36-79b3-4826-83b3-93c35dd8c614
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3005018923156814124
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dpe
ad4m.at/ad/ Frame E041 		42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 06 May 2021 22:32:03 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=de34bdd5e55ecda20919c00a657eeba701620340323; expires=Sat, 05-Jun-21 22:32:03 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
09e5684d1000002bf205b7e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64b5a98e781e2bf2-FRA
Pug
simage2.pubmatic.com/AdServer/ Frame 625B
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321; chkChromeAb67Sec=1; DPSync3=1621468800%3A201_227_226_221; SyncRTB3=1620864000%3A223_67_15_2%7C1621123200%3A63%7C1621468800%3A189_230_176_222_21_13_165_55_220_81_88_161_99_22_204_56_3_8_234_54_7_71_166%7C1621555200%3A35%7C1622851200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:04 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-lat
lhrpug017:2:275
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Encoding
gzip

Redirect headers

set-cookie
viewer_token=97d210f3-0a80-448a-8000-effda5fd8b4c; path=/; domain=csync.loopme.me; Expires=Sun, 06-Jun-2021 22:32:03 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Thu, 06 May 2021 22:32:03 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:04 GMT
X-lat
lhrpug016:0:375
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ec6d0c9-dee6-42bb-8480-72adfb575022
date
Thu, 06 May 2021 22:32:03 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
i.match
s.tribalfusion.com/z/ Frame DAD1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aJnoeUp26Ur8e4OEcR9XJQRbjwTcP1eptZbOWPxbf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 06 May 2021 22:32:03 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d3abdd92230bd27f6b7adf863e012dc621620340323; expires=Sat, 05-Jun-21 22:32:03 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=amnseFy4ZawEBA9MAJP7gD5sS7s5xNscZbZdIVtuV7EOBA7jnOUvJGrVApNDCliTwTAKjmSUe0uXZbY1flf4Kl4F; path=/; domain=.tribalfusion.com; expires=Wed, 04-Aug-2021 22:32:03 GMT; SameSite=None; Secure; ANON_ID_old=amnseFy4ZawEBA9MAJP7gD5sS7s5xNscZbZdIVtuV7EOBA7jnOUvJGrVApNDCliTwTAKjmSUe0uXZbY1flf4Kl4F; path=/; domain=.tribalfusion.com; expires=Wed, 04-Aug-2021 22:32:03 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
09e5684dc400004e32c8b5d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64b5a98f99d34e32-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 06 May 2021 22:32:03 GMT
content-type
text/html
set-cookie
__cfduid=d3abdd92230bd27f6b7adf863e012dc621620340323; expires=Sat, 05-Jun-21 22:32:03 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aJnoeUp26Ur8e4OEcR9XJQRbjwTcP1eptZbOWPxbf; path=/; domain=.tribalfusion.com; expires=Wed, 04-Aug-2021 22:32:03 GMT; SameSite=None; Secure; ANON_ID_old=aJnoeUp26Ur8e4OEcR9XJQRbjwTcP1eptZbOWPxbf; path=/; domain=.tribalfusion.com; expires=Wed, 04-Aug-2021 22:32:03 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
274
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
09e5684d1300004e32b194f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64b5a98e8faa4e32-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 2A21
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=yk5KnuSNyFBd&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=yk5KnuSNyFBd&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115; PugT=1620340321; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; SPugT=1620340321; chkChromeAb67Sec=1; DPSync3=1621468800%3A201_227_226_221; SyncRTB3=1620864000%3A223_67_15_2%7C1621123200%3A63%7C1621468800%3A189_230_176_222_21_13_165_55_220_81_88_161_99_22_204_56_3_8_234_54_7_71_166%7C1621555200%3A35%7C1622851200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:04 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:04 GMT; path=/
X-lat
lhrpug004:0:501
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-7c488d4f5b-vkc5h
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=yk5KnuSNyFBd;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 01-May-2022 22:32:03 GMT;Max-Age=31104000;SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=yk5KnuSNyFBd&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 9256
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 06 May 2021 22:32:03 GMT
via
1.1 varnish
x-served-by
cache-fra19146-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1620340324.711967,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 06-May-2022 22:32:03 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 06 May 2021 22:32:03 GMT
via
1.1 varnish
x-served-by
cache-fra19146-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1620340324.623875,VS0,VE58
x-vcl-time-ms
58
content-length
0
Cookie set merge
ce.lijit.com/ Frame B4FB 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=3D16A8B2-6B0E-42C7-B409-977568EE93CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_ljtrtb_56=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003; ljt_reader=75dceddf9fb94857879a4914; _ljtrtb_10=1871878969834174420; ljtrtbexp=eJxdkDkOwzAMBP%2BiOgXvI18z%2FHfLdoCAWw4l7Q51LF5fDiGTSJHPkgfZrfvGiMk6MXmyE8GECRgK8i2gNuebuzvnjT0pyACpgo4Cy7I%2Fs252YMgTfA9G8nPWUn845w4Keaazzxp%2BLea54740jc4LWnFVsQ%3D%3D; _ljtrtb_1=4271185589018318154; _ljtrtb_2=92A3FB32CF24423295B57FEF7DADC14C; _ljtrtb_12=3005018923156814124; _ljtrtb_66=577306398447; _ljtrtb_49=yk5KnuSNyFBd; _ljtrtb_76=460ab3e1-2a84-0efb-126b-cf418b6f45a0; _ljtrtb_16=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348; _ljtrtb_5001=570137fbd57db8fc31612670fa0c36ce; _ljtrtb_36=e_2ec6d0c9-dee6-42bb-8480-72adfb575022; _ljtrtb_3=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3; _ljtrtb_26=19f1618b-fd29-4fd8-9321-db36db1f52b1; ljtrtb=eJwdkUlrVUEQhf%2FLXVtQYw%2FZvekSeI8Qo0JwE25PIkGjRJEg%2FnerH%2FSq%2BpyqU1%2F9XUJYbhaLUTBITqpxebcQe00QDSllFrKQSInVv2zKHx7BcudWSwbJWkFpZNhqMRg9cTFrTNYAUdwi09KfuNfQsGZovQdQLgWSJoTIWxvFoiHzHIBI10RIEkdpFltJowoF4hBxbFgl1O5Knn0pD%2F9JBUbjDDpagixM0IqEVmgYF5obXbWJuyf1uVv2zJwZkpQAWK3WHnscXSFg1tADg4omd2p259uznb%2F%2F%2FnD3tu7b7OYl5UiUzFJ2SEKJbOKZ4DLvZN0LH1ZWZeFse4vraY3H3fFAephIXFZDHHMY%2BDQCVUTI3TaQDUdqRl3HpJd0am%2B0UZh1zCFLcFobO0LD5GSqWZ5Kc%2BVut%2F%2BVT3F%2FvsPd7nh6tZfP37YvMzNeCUR%2FyXskUYoeD%2BeKMw7er%2B97Ozw%2F3n68ZNJX%2BflwOueLfLqVS%2Frz8gPD4%2F1T%2FDrTxwlTA25FOgFvSQG7Y%2FUDFahD%2FRxhqG24%2FPsPRf%2BSWw%3D%3D; _ljtrtb_86=reLeMpMclYqpO0dbclZB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:03 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_5001=570137fbd57db8fc31612670fa0c36ce;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_36=e_2ec6d0c9-dee6-42bb-8480-72adfb575022;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_26=19f1618b-fd29-4fd8-9321-db36db1f52b1;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_49=yk5KnuSNyFBd;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_16=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_3=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_2=92A3FB32CF24423295B57FEF7DADC14C;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_1=4271185589018318154;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_86=reLeMpMclYqpO0dbclZB;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_10=1871878969834174420;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_76=460ab3e1-2a84-0efb-126b-cf418b6f45a0;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_66=577306398447;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_56=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_12=3005018923156814124;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJwdkUtrVEEQhf%2FLrC2oZz%2Byu3dmLoGZxBgVxmzC7ZdIopkYRYL43%2B0O9KrqVJ1TX%2F%2FdOLe52Jj3gk5iUPWbdxviXhNEQwqRhcwFUmLtLRvy2xNYrFxyiiBRMyi1CGtOBq0GTmaFyQogSh%2BRMVLvuWZXMEcotTpQTgmCBgTPa2nJvCHzMECkt0RI4lsq5ksKLQs5YuexrZjF5dqVPPZSbL0TErTCEbSVAFGYoCRxJVEzTjQuetMGrj1p911jz8yRIUhygNlyrr76VhUcRnXVMaho6JMa%2B%2BTrgx1%2B%2FP54%2FbrMZWzrJWVPFMxC7JCEAtnAM8BFnmSZhbcLq7JwtNn8sl%2F8btptSbcDSZdl59swg%2B5GoIoIsdoKsmILxahqG%2FSCDu2FFnKjjtFFcZ3Wyh2hYehkslkcSuvKaZp%2Fxb2fD9c4Tbv9iz3dfV%2B%2Fju4g8LMe69X5Kj9%2BeT6%2Fx5Ly49087sE3Or6%2F0PcHUfI9Oo7zR1S8WT7Usn04XX46RtIXeb7dH%2BJRPl%2FKMfx5OqM73dz7b%2BMyP2zU4ZqkEvAaFLB25P3zEuSm%2FatcU1tx8%2B8%2FgV%2BbAg%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:03 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_71=3D16A8B2-6B0E-42C7-B409-977568EE93CF;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:03 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxdkDkOwzAMBP%2BiOgXvI18z%2FHfLdoCAWw4l7Q51LF5fDiGTSJHPkgfZrfvGiMk6MXmyE8GECRgK8i2gNuebuzvnjT0pyACpgo4Cy7I%2Fs252YMgTfA9G8nPWUn845w4Keaazzxp%2BLea54740jc4LWnFVsQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:03 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=75dceddf9fb94857879a4914;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8040
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PRaosmsOQse0CZd1aO6Tzw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=76165
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 07 May 2021 19:41:29 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 8040 		95 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3D16A8B2-6B0E-42C7-B409-977568EE93CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64b5a98e89294e1f-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e5684d1400004e1f4cbea000000001
info
uipglob.semasio.net/pubmatic/1/ Frame 8040 		42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3D16A8B2-6B0E-42C7-B409-977568EE93CF&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:01 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3D16A8B2-6B0E-42C7-B409-977568EE93CF&gdpr=
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3D16A8B2-6B0E-42C7-B409-977568EE93CF&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3D16A8B2-6B0E-42C7-B409-977568EE93CF&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:06 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 06 May 2021 22:32:03 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3D16A8B2-6B0E-42C7-B409-977568EE93CF&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0QxNkE4QjItNkIwRS00MkM3LUI0MDktOTc3NTY4RUU5M0NG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:03 GMT
X-lat
amspug012:0:261
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3D16A8B2-6B0E-42C7-B409-977568EE93CF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8040 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3D16A8B2-6B0E-42C7-B409-977568EE93CF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3D16A8B2-6B0E-42C7-B409-977568EE93CF&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PDlO9rZE2uWC5hRYtgNrOokZG3_sa4I-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PDlO9rZE2uWC5hRYtgNrOokZG3_sa4I-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:06 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 06 May 2021 22:32:06 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PDlO9rZE2uWC5hRYtgNrOokZG3_sa4I-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4271185589018318154&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4271185589018318154&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:05 GMT
X-lat
lhrpug013:0:400
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4271185589018318154&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 06 May 2021 22:32:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 8040
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJRuYgAAxwC5uwAC&gdpr=0&gdpr_consent=
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJRuYgAAxwC5uwAC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:05 GMT
X-lat
lhrpug012:0:330
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620340325.899962,VS0,VE0
x-served-by
cache-hhn4033-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJRuYgAAxwC5uwAC&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 8040 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3D16A8B2-6B0E-42C7-B409-977568EE93CF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 8040 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156212&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:05 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame A685 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; chkChromeAb67Sec=1; DPSync3=1621468800%3A201_227_226_221; SyncRTB3=1620864000%3A223_67_15_2%7C1621123200%3A63%7C1621468800%3A189_230_176_222_21_13_165_55_220_81_88_161_99_22_204_56_3_8_234_54_7_71_166%7C1621555200%3A35%7C1622851200%3A203; KRTBCOOKIE_409=22966-mJcndMYPjPKMJbAaaRGKWw2o; KRTBCOOKIE_336=5844-5717983315047178940; KRTBCOOKIE_699=22727-AACNRE7BKN0AADHLDT3q2w; KRTBCOOKIE_153=1923-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO&KRTB&19420-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO&KRTB&22979-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO; KRTBCOOKIE_594=17105-RX-4f743916-283d-4466-931d-bfbcacf76400-003&KRTB&17107-RX-4f743916-283d-4466-931d-bfbcacf76400-003; KRTBCOOKIE_188=3189-182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348; KRTBCOOKIE_1101=23040-6959308699979610263; KRTBCOOKIE_80=16514-CAESEJZb53_1D563pdXQYHOPwLg&KRTB&22987-CAESEJZb53_1D563pdXQYHOPwLg&KRTB&23025-CAESEJZb53_1D563pdXQYHOPwLg; KRTBCOOKIE_27=16735-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&16736-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&23019-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&23114-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3; KRTBCOOKIE_57=22776-3005018923156814124; KRTBCOOKIE_391=22924-5197838155464045137&KRTB&23263-5197838155464045137; KRTBCOOKIE_377=6810-22fe8aa1-4f8a-4049-8a52-8b2373e884a9&KRTB&22918-22fe8aa1-4f8a-4049-8a52-8b2373e884a9&KRTB&23031-22fe8aa1-4f8a-4049-8a52-8b2373e884a9; PugT=1620340325; KRTBCOOKIE_22=14911-4271185589018318154; KRTBCOOKIE_218=22978-YJRuYgAAxwC5uwAC&KRTB&23194-YJRuYgAAxwC5uwAC&KRTB&23209-YJRuYgAAxwC5uwAC&KRTB&23244-YJRuYgAAxwC5uwAC; KRTBCOOKIE_466=16530-19f1618b-fd29-4fd8-9321-db36db1f52b1; SPugT=1620340325; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=89894
Expires
Fri, 07 May 2021 23:30:20 GMT
Date
Thu, 06 May 2021 22:32:06 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3699 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; chkChromeAb67Sec=1; DPSync3=1621468800%3A201_227_226_221; SyncRTB3=1620864000%3A223_67_15_2%7C1621123200%3A63%7C1621468800%3A189_230_176_222_21_13_165_55_220_81_88_161_99_22_204_56_3_8_234_54_7_71_166%7C1621555200%3A35%7C1622851200%3A203; KRTBCOOKIE_409=22966-mJcndMYPjPKMJbAaaRGKWw2o; KRTBCOOKIE_336=5844-5717983315047178940; KRTBCOOKIE_699=22727-AACNRE7BKN0AADHLDT3q2w; KRTBCOOKIE_153=1923-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO&KRTB&19420-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO&KRTB&22979-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO; KRTBCOOKIE_594=17105-RX-4f743916-283d-4466-931d-bfbcacf76400-003&KRTB&17107-RX-4f743916-283d-4466-931d-bfbcacf76400-003; KRTBCOOKIE_188=3189-182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348; KRTBCOOKIE_1101=23040-6959308699979610263; KRTBCOOKIE_80=16514-CAESEJZb53_1D563pdXQYHOPwLg&KRTB&22987-CAESEJZb53_1D563pdXQYHOPwLg&KRTB&23025-CAESEJZb53_1D563pdXQYHOPwLg; KRTBCOOKIE_27=16735-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&16736-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&23019-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&23114-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3; KRTBCOOKIE_57=22776-3005018923156814124; KRTBCOOKIE_391=22924-5197838155464045137&KRTB&23263-5197838155464045137; KRTBCOOKIE_377=6810-22fe8aa1-4f8a-4049-8a52-8b2373e884a9&KRTB&22918-22fe8aa1-4f8a-4049-8a52-8b2373e884a9&KRTB&23031-22fe8aa1-4f8a-4049-8a52-8b2373e884a9; PugT=1620340325; KRTBCOOKIE_22=14911-4271185589018318154; KRTBCOOKIE_218=22978-YJRuYgAAxwC5uwAC&KRTB&23194-YJRuYgAAxwC5uwAC&KRTB&23209-YJRuYgAAxwC5uwAC&KRTB&23244-YJRuYgAAxwC5uwAC; KRTBCOOKIE_466=16530-19f1618b-fd29-4fd8-9321-db36db1f52b1; SPugT=1620340325; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=89894
Expires
Fri, 07 May 2021 23:30:20 GMT
Date
Thu, 06 May 2021 22:32:06 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame A685 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=71991117&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1dac9d0bbfe49d364e499947b6031879b9a58b62a17667c66d318bcad98de1be

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:05 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2019
Content-Type
text/html; charset=UTF-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8CE8 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3154W26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpAJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3WzkggAlTQrnpSB-4Sn9XKgcpT-AlHypwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=fZPmrJobJ8k&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=videoplaytime50&ad_mt=9701&acvw=sv%3D894%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26tos%3D10230,0,0,0,0%26mtos%3D10230,10230,10230,10230,10230%26amtos%3D0,0,0,0,0%26mcvt%3D10230%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10230%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2398%26pst%3D554%26dur%3D19017%26vmtime%3D9700%26dtos%3D4752%26dtoss%3D3%26dvs%3D4752%26dfvs%3D4752%26dvpt%3D4752%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4752,4752,4752,4752,4752%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D52%26emuc%3D0%26emb%3D52,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147482625%26psv%3D-2147482625%26psfv%3D-2147482625%26psa%3D0%26ptlt%3D1620340326590%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10230&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1620340315545&sdkv=h.3.454.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3MzExNDk0NDcxMTIMNTE4MDU1MjUxOTcwQNwCUiAQDyUAAMBBKAE6B3Vua25vd25CB3Vua25vd25I1ARQABgB
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aq
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/aq?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:32:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
match
c1.adform.net/serving/cookie/ Frame 0DE4 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=3D16A8B2-6B0E-42C7-B409-977568EE93CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=3D16A8B2-6B0E-42C7-B409-977568EE93CF
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=5197838155464045137
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 06 May 2021 22:32:06 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5197838155464045137; expires=Mon, 05 Jul 2021 22:32:06 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
141
match.deepintent.com/usersync/ Frame 98B5 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Thu, 06 May 2021 22:32:06 GMT
server
b
check
pixel.tapad.com/idsync/ex/receive/ Frame E6AC
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1620340326828; TapAd_DID=7fe36c97-d880-4007-955e-68ec174945d3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 06 May 2021 22:32:06 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

date
Thu, 06 May 2021 22:32:06 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1620340326828;Expires=Mon, 05 Jul 2021 22:32:06 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=7fe36c97-d880-4007-955e-68ec174945d3;Expires=Mon, 05 Jul 2021 22:32:06 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 63F6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:XoKneRYm1LEMxo5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:XoKneRYm1LEMxo5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; KRTBCOOKIE_409=22966-mJcndMYPjPKMJbAaaRGKWw2o; KRTBCOOKIE_336=5844-5717983315047178940; KRTBCOOKIE_699=22727-AACNRE7BKN0AADHLDT3q2w; KRTBCOOKIE_153=1923-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO&KRTB&19420-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO&KRTB&22979-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO; KRTBCOOKIE_594=17105-RX-4f743916-283d-4466-931d-bfbcacf76400-003&KRTB&17107-RX-4f743916-283d-4466-931d-bfbcacf76400-003; KRTBCOOKIE_188=3189-182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348; KRTBCOOKIE_1101=23040-6959308699979610263; KRTBCOOKIE_80=16514-CAESEJZb53_1D563pdXQYHOPwLg&KRTB&22987-CAESEJZb53_1D563pdXQYHOPwLg&KRTB&23025-CAESEJZb53_1D563pdXQYHOPwLg; KRTBCOOKIE_27=16735-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&16736-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&23019-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&23114-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3; KRTBCOOKIE_57=22776-3005018923156814124; KRTBCOOKIE_391=22924-5197838155464045137&KRTB&23263-5197838155464045137; KRTBCOOKIE_377=6810-22fe8aa1-4f8a-4049-8a52-8b2373e884a9&KRTB&22918-22fe8aa1-4f8a-4049-8a52-8b2373e884a9&KRTB&23031-22fe8aa1-4f8a-4049-8a52-8b2373e884a9; KRTBCOOKIE_22=14911-4271185589018318154; KRTBCOOKIE_218=22978-YJRuYgAAxwC5uwAC&KRTB&23194-YJRuYgAAxwC5uwAC&KRTB&23209-YJRuYgAAxwC5uwAC&KRTB&23244-YJRuYgAAxwC5uwAC; KRTBCOOKIE_466=16530-19f1618b-fd29-4fd8-9321-db36db1f52b1; SPugT=1620340325; chkChromeAb67Sec=2; DPSync3=1620345600%3A174%7C1621468800%3A226_221_219_197_232_201_227; SyncRTB3=1621123200%3A63%7C1621468800%3A230_21_99_204_166_78_161_56_5_222_13_55_104_233_22_71_81_8_7_231_189_176_54_165_220_3_88_234_57%7C1620864000%3A15_223_67_2%7C1621555200%3A35%7C1622851200%3A203%7C1625443200%3A69; KRTBCOOKIE_860=16335-EooNs2zMS6dkIvoTb0JXMFuEiFQ; PugT=1620340326; KRTBCOOKIE_279=22890-e1a06f38-aeba-11eb-bc02-c149ea2be043&KRTB&23011-e1a06f38-aeba-11eb-bc02-c149ea2be043
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:06 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:XoKneRYm1LEMxo5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:06 GMT; path=/ PugT=1620340326; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:32:06 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:06 GMT; path=/
X-lat
lhrpug018:0:405
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Thu, 06 May 2021 22:32:06 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:XoKneRYm1LEMxo5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-0a1405953f2666354@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=XoKneRYm1LEMxo5; Domain=.w55c.net; Expires=Mon, 06-Jun-2022 22:32:06 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 05-Jun-2021 22:32:06 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame B11F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EooNs2zMS6dkIvoTb0JXMFuEiFQ
42 B
778 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EooNs2zMS6dkIvoTb0JXMFuEiFQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; KRTBCOOKIE_409=22966-mJcndMYPjPKMJbAaaRGKWw2o; KRTBCOOKIE_336=5844-5717983315047178940; KRTBCOOKIE_699=22727-AACNRE7BKN0AADHLDT3q2w; KRTBCOOKIE_153=1923-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO&KRTB&19420-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO&KRTB&22979-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO; KRTBCOOKIE_594=17105-RX-4f743916-283d-4466-931d-bfbcacf76400-003&KRTB&17107-RX-4f743916-283d-4466-931d-bfbcacf76400-003; KRTBCOOKIE_188=3189-182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348; KRTBCOOKIE_1101=23040-6959308699979610263; KRTBCOOKIE_80=16514-CAESEJZb53_1D563pdXQYHOPwLg&KRTB&22987-CAESEJZb53_1D563pdXQYHOPwLg&KRTB&23025-CAESEJZb53_1D563pdXQYHOPwLg; KRTBCOOKIE_27=16735-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&16736-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&23019-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&23114-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3; KRTBCOOKIE_57=22776-3005018923156814124; KRTBCOOKIE_391=22924-5197838155464045137&KRTB&23263-5197838155464045137; KRTBCOOKIE_377=6810-22fe8aa1-4f8a-4049-8a52-8b2373e884a9&KRTB&22918-22fe8aa1-4f8a-4049-8a52-8b2373e884a9&KRTB&23031-22fe8aa1-4f8a-4049-8a52-8b2373e884a9; PugT=1620340325; KRTBCOOKIE_22=14911-4271185589018318154; KRTBCOOKIE_218=22978-YJRuYgAAxwC5uwAC&KRTB&23194-YJRuYgAAxwC5uwAC&KRTB&23209-YJRuYgAAxwC5uwAC&KRTB&23244-YJRuYgAAxwC5uwAC; KRTBCOOKIE_466=16530-19f1618b-fd29-4fd8-9321-db36db1f52b1; SPugT=1620340325; chkChromeAb67Sec=2; DPSync3=1620345600%3A174%7C1621468800%3A226_221_219_197_232_201_227; SyncRTB3=1621123200%3A63%7C1621468800%3A230_21_99_204_166_78_161_56_5_222_13_55_104_233_22_71_81_8_7_231_189_176_54_165_220_3_88_234_57%7C1620864000%3A15_223_67_2%7C1621555200%3A35%7C1622851200%3A203%7C1625443200%3A69
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:06 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_860=16335-EooNs2zMS6dkIvoTb0JXMFuEiFQ; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:06 GMT; path=/ PugT=1620340326; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 05-Jun-2021 22:32:06 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:06 GMT; path=/
X-lat
lhrpug002:0:645
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Thu, 06 May 2021 22:32:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=EooNs2zMS6dkIvoTb0JXMFuEiFQ
Content-Length
159
Connection
keep-alive
usersync
match.bnmla.com/ Frame 3171 		0
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:08 GMT
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 3D08
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:92A3FB32CF24423295B57FEF7DADC14C
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:92A3FB32CF24423295B57FEF7DADC14C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1074=22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022; PUBMDCID=3; KADUSERCOOKIE=3D16A8B2-6B0E-42C7-B409-977568EE93CF; KRTBCOOKIE_409=22966-mJcndMYPjPKMJbAaaRGKWw2o; KRTBCOOKIE_336=5844-5717983315047178940; KRTBCOOKIE_699=22727-AACNRE7BKN0AADHLDT3q2w; KRTBCOOKIE_153=1923-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO&KRTB&19420-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO&KRTB&22979-r-vu6q--4ey07ue4rbr66Pvi4Li0vuTmqOKfDejO; KRTBCOOKIE_594=17105-RX-4f743916-283d-4466-931d-bfbcacf76400-003&KRTB&17107-RX-4f743916-283d-4466-931d-bfbcacf76400-003; KRTBCOOKIE_188=3189-182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348; KRTBCOOKIE_1101=23040-6959308699979610263; KRTBCOOKIE_80=16514-CAESEJZb53_1D563pdXQYHOPwLg&KRTB&22987-CAESEJZb53_1D563pdXQYHOPwLg&KRTB&23025-CAESEJZb53_1D563pdXQYHOPwLg; KRTBCOOKIE_27=16735-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&16736-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&23019-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3&KRTB&23114-uid:c67f6094-6e61-4400-9e5a-3a0f8d51e4f3; KRTBCOOKIE_57=22776-3005018923156814124; KRTBCOOKIE_391=22924-5197838155464045137&KRTB&23263-5197838155464045137; KRTBCOOKIE_377=6810-22fe8aa1-4f8a-4049-8a52-8b2373e884a9&KRTB&22918-22fe8aa1-4f8a-4049-8a52-8b2373e884a9&KRTB&23031-22fe8aa1-4f8a-4049-8a52-8b2373e884a9; KRTBCOOKIE_22=14911-4271185589018318154; KRTBCOOKIE_218=22978-YJRuYgAAxwC5uwAC&KRTB&23194-YJRuYgAAxwC5uwAC&KRTB&23209-YJRuYgAAxwC5uwAC&KRTB&23244-YJRuYgAAxwC5uwAC; KRTBCOOKIE_466=16530-19f1618b-fd29-4fd8-9321-db36db1f52b1; SPugT=1620340325; chkChromeAb67Sec=2; DPSync3=1620345600%3A174%7C1621468800%3A226_221_219_197_232_201_227; SyncRTB3=1621123200%3A63%7C1621468800%3A230_21_99_204_166_78_161_56_5_222_13_55_104_233_22_71_81_8_7_231_189_176_54_165_220_3_88_234_57%7C1620864000%3A15_223_67_2%7C1621555200%3A35%7C1622851200%3A203%7C1625443200%3A69; KRTBCOOKIE_860=16335-EooNs2zMS6dkIvoTb0JXMFuEiFQ; PugT=1620340326; KRTBCOOKIE_279=22890-e1a06f38-aeba-11eb-bc02-c149ea2be043&KRTB&23011-e1a06f38-aeba-11eb-bc02-c149ea2be043; KRTBCOOKIE_107=1471-uid:XoKneRYm1LEMxo5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:07 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 04-Aug-2021 22:32:07 GMT; path=/
X-lat
lhrpug001:0:383
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
nginx
date
Thu, 06 May 2021 22:32:07 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:92A3FB32CF24423295B57FEF7DADC14C
expires
Wed, 05 May 2021 22:32:07 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cookie set merge
ce.lijit.com/ Frame 438E 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=3D16A8B2-6B0E-42C7-B409-977568EE93CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_ljtrtb_56=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003; ljt_reader=75dceddf9fb94857879a4914; _ljtrtb_10=1871878969834174420; ljtrtbexp=eJxdkDkOwzAMBP%2BiOgXvI18z%2FHfLdoCAWw4l7Q51LF5fDiGTSJHPkgfZrfvGiMk6MXmyE8GECRgK8i2gNuebuzvnjT0pyACpgo4Cy7I%2Fs252YMgTfA9G8nPWUn845w4Keaazzxp%2BLea54740jc4LWnFVsQ%3D%3D; _ljtrtb_1=4271185589018318154; _ljtrtb_2=92A3FB32CF24423295B57FEF7DADC14C; _ljtrtb_12=3005018923156814124; _ljtrtb_66=577306398447; _ljtrtb_49=yk5KnuSNyFBd; _ljtrtb_76=460ab3e1-2a84-0efb-126b-cf418b6f45a0; _ljtrtb_16=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348; _ljtrtb_5001=570137fbd57db8fc31612670fa0c36ce; _ljtrtb_36=e_2ec6d0c9-dee6-42bb-8480-72adfb575022; _ljtrtb_3=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3; _ljtrtb_26=19f1618b-fd29-4fd8-9321-db36db1f52b1; _ljtrtb_86=reLeMpMclYqpO0dbclZB; _ljtrtb_71=3D16A8B2-6B0E-42C7-B409-977568EE93CF; _ljtrtb_80=KODGSI2V-1S-AOYY; ljtrtb=eJwdksluVEEMRf%2Bl11iyXXYN2b3XA0HdGUgDSrKJXk0IJZCEgFCE%2BHdckWplX%2Fvax%2FV35f3qZKUhOPQuRZGwercitphDVKSY2JH6SEIsltIhv7oGTY1ryQlckgJCPcFSskJvkbNqZdIKiM5K3Chpd9yKr1gS1NY8COcMUSJC4KX2rEGReRgg0ttESC70XDXUHHtx5Il9wL5gcb40U%2FLoS6lbJmbolRNIrxGSY4Kana%2BZunKmsdGbNnKzSc13STYzJ4bosgcsWkoLLfQm4DGJb55BnESrlGSVr%2Fe6%2F%2FH7eP66m%2BvoZiHhQBRVYzJIjiLpwDPAJZ7cbna83rEIO046a9htd2EzbdYk64HEZMWHPszA3AhEECE1XcAt2GNVatIHvYim3V9s3h8%2F8BegI0wXNzcWD2MItyE%2FxZnBz7i1jdYBZsEEKQS72Xab3Ho3esjwO5FKfvTG5JPzRnxhO4NiNLpFNQ2lmnKa5l9pG%2Bb9OU7TZvuij7ffl68jOyj%2BbId29nRWHm6eny6w5vJwOw8m%2BEY42IvWPzqhYOvjQDjWxcvdx1bX99ennw6J5MU9X2336eA%2Bn7pD%2FPP4hP768i58G3TCsBGPS3aNgJcogM3OZh8gQ%2Bli5%2FZddMHVv%2F%2BhCqoL; _ljtrtb_83=KODGSI2V-1S-AOYY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 06 May 2021 22:32:06 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_80=KODGSI2V-1S-AOYY;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_5001=570137fbd57db8fc31612670fa0c36ce;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_36=e_2ec6d0c9-dee6-42bb-8480-72adfb575022;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_26=19f1618b-fd29-4fd8-9321-db36db1f52b1;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_49=yk5KnuSNyFBd;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_16=182e41fb-8a9c-4292-83b6-0c5cce7e7fe4-60946e62-4348;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_71=3D16A8B2-6B0E-42C7-B409-977568EE93CF;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_83=KODGSI2V-1S-AOYY;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_3=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_2=92A3FB32CF24423295B57FEF7DADC14C;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_1=4271185589018318154;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_86=reLeMpMclYqpO0dbclZB;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_10=1871878969834174420;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_76=460ab3e1-2a84-0efb-126b-cf418b6f45a0;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_66=577306398447;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_56=RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_12=3005018923156814124;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJxtkltPVUEMhf%2FLebZJ22nnwtve5yLmHC6CGuCF7LkZAwqIxhDjf7fDM8k8dVa71nydvyvvV0crDcGhdymKhNW7FbHVHKIixcSO1EcSYrErHfKLK9DUuJacwCUpINQTLCUr9BY5q1YmrYDorMWNlnbLrfiKJUFtzYNwzhAlIgReas8aFJmHASK9JkJyoeeqoebYiyNP7AP2BYvzpZmSx1xK3W5ihl45gfQaITkmqNn5mqkrZxovetVGbpbUfJdkmTkxRJc9YNFSWmihNwGPSXzzDOIkWqck63y50%2F2P35enL7u5jmlWEg5EUTUmg%2BQokg48A1ziye1mx%2Bsdi7DjpLOG3XYXNtNmTbIeSExWfOjDDMyNQAQRUtMF3II9VqUmfdCLaNr92eb95Qf%2BAnQJ09n1tdXDCOE25Kc4M%2FgZt%2FaidYBZMEEKwXa23Sa33o0Z7u0ZUUaOI6nkhycmn5y3TSxs61GMRr2opqFUU07T%2FCttw7w%2FxWnabJ%2F14eb78nXcDro%2F26GdPJ6U%2B%2BunxzOsudzfzIMVvpIPdqLNj04oGBYcaEcsPN99bHV9d3X86ZBInt3TxXafDu7zsTvEPw%2BP6K%2FOb8O3QS0MG%2FG4ZNcIeIkC2Gyd9jEylC72DXwXXXD17z97x6%2FN;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:06 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_58=3D16A8B2-6B0E-42C7-B409-977568EE93CF;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:06 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxdkDkOwzAMBP%2BiOgXvI18z%2FHfLdoCAWw4l7Q51LF5fDiGTSJHPkgfZrfvGiMk6MXmyE8GECRgK8i2gNuebuzvnjT0pyACpgo4Cy7I%2Fs252YMgTfA9G8nPWUn845w4Keaazzxp%2BLea54740jc4LWnFVsQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 06-May-2022 22:32:06 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=75dceddf9fb94857879a4914;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
/
spl.zeotap.com/ Frame A685
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3D16A8B2-6B0E-42C7-B409-977568EE93CF
  • https://spl.zeotap.com/?zdid=1332&zcluid=a781b521c9eb9b04
95 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=a781b521c9eb9b04
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64b5a9aa78042b89-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09e5685e8900002b893f9b4000000001

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=a781b521c9eb9b04
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame A685
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:06 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 06 May 2021 22:31:34 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c67f6094-6e61-4400-9e5a-3a0f8d51e4f3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 06 May 2021 22:31:33 GMT
/
loadm.exelator.com/load/ Frame A685 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=3D16A8B2-6B0E-42C7-B409-977568EE93CF&gdpr=0&gdpr_consent=&j=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 22:32:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Pug
simage2.pubmatic.com/AdServer/ Frame A685
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e1a06f38-aeba-11eb-bc02-c149ea2be043&gdpr=0&gdpr_consent=
1 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e1a06f38-aeba-11eb-bc02-c149ea2be043&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 06 May 2021 22:32:06 GMT
X-lat
lhrpug006:0:533
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e1a06f38-aeba-11eb-bc02-c149ea2be043&gdpr=0&gdpr_consent=
Date
Thu, 06 May 2021 22:32:06 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
e36d40c1-aeba-11eb-bf8c-fd2d11bdbf97
aclk
www.googleadservices.com/pagead/ Frame 8CE8
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CtziRW26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpwJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLc...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=C7Pc9W26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpwJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=C7Pc9W26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpwJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3TTlOBQtb5TpN4CYdAoCyczjN0pzLjex9reYwATG-_KHuwPgBAHABW6gBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaaCaQBaHR0cHM6Ly93d3cuaW50ZXJkaXNjb3VudC5jaC9kZS9tb2JpbHRlbGVmb24tdGFibGV0LXdlYXJhYmxlcy9tb2JpbHRlbGVmb24vbW9iaWx0ZWxlZm9uZS0tYzQxMTAwMC9zYW1zdW5nLWdhbGF4eS1hNTEtNi01LTEyOC1nYi00OC1tcC1wcmlzbS1jcnVzaC1ibGFjay0tcDAwMDIxMDk5OTKxCYAwQivRJz32gAoDyAsB0AsO4AsBuAwB2BMN0BUB4hYCCAGAFwE&num=1&client=ca-pub-7379978810940306&ctype=110&label=video_10s_engaged_view&ad_mt=10198&acvw=sv%3D894%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26p0%3D585,516,838,966%26p1%3D585,516,838,966%26p2%3D585,516,838,966%26tos%3D10727,0,0,0,0%26mtos%3D10727,10727,10727,10727,10727%26amtos%3D0,0,0,0,0%26mtos1%3D5478,0,0%26mtos2%3D4752,0,0%26mcvt%3D10727%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10727%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2599%26pst%3D554%26dur%3D19017%26vmtime%3D10198%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D497,497,497,497,497%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1620340327088%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10727%26ss0%3D0.05%26ss1%3D0.05%26ss2%3D0.05&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.05%26t%3D1620340315545&cid=CAQSKQCNIrLMkp2WXD4qRRUy7qT7TLrqNfQegCHIoHm35-XLKBTL7Jq_gigV&dblrd=1&val=ChAyMjQ2M2M0YzBhYzgwMDUxEODc0YQGGgjUxXwugXKkKSABKAE&sig=AOD64_3NjH91dIglQBq2OaMYlvQwfWiZUQ&adurl=http://clickserve.dartsearch.net/link/click%3F%26ds_a_cid%3D85922208%26ds_a_caid%3D12897681005%26ds_a_agid%3D118933470662%26ds_a_fiid%3D%26ds_a_lid%3D%26%26ds_e_adid%3D518055251970%26ds_e_matchtype%3Dcontent%26ds_e_device%3Dc%26ds_e_network%3Dvp%26%26ds_url_v%3D2%26ds_dest_url%3Dhttps://www.interdiscount.ch/de/mobiltelefon-tablet-wearables/mobiltelefon/mobiltelefone--c411000/samsung-galaxy-a51-6-5-128-gb-48-mp-prism-crush-black--p0002109992%3Fgclsrc%3Daw.ds%26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:07 GMT
x-content-type-options
nosniff
server
adclick_server
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.googleadservices.com/pagead/aclk?sa=L&ai=C7Pc9W26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpwJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3TTlOBQtb5TpN4CYdAoCyczjN0pzLjex9reYwATG-_KHuwPgBAHABW6gBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaaCaQBaHR0cHM6Ly93d3cuaW50ZXJkaXNjb3VudC5jaC9kZS9tb2JpbHRlbGVmb24tdGFibGV0LXdlYXJhYmxlcy9tb2JpbHRlbGVmb24vbW9iaWx0ZWxlZm9uZS0tYzQxMTAwMC9zYW1zdW5nLWdhbGF4eS1hNTEtNi01LTEyOC1nYi00OC1tcC1wcmlzbS1jcnVzaC1ibGFjay0tcDAwMDIxMDk5OTKxCYAwQivRJz32gAoDyAsB0AsO4AsBuAwB2BMN0BUB4hYCCAGAFwE&num=1&client=ca-pub-7379978810940306&ctype=110&label=video_10s_engaged_view&ad_mt=10198&acvw=sv%3D894%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26p0%3D585,516,838,966%26p1%3D585,516,838,966%26p2%3D585,516,838,966%26tos%3D10727,0,0,0,0%26mtos%3D10727,10727,10727,10727,10727%26amtos%3D0,0,0,0,0%26mtos1%3D5478,0,0%26mtos2%3D4752,0,0%26mcvt%3D10727%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10727%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2599%26pst%3D554%26dur%3D19017%26vmtime%3D10198%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D497,497,497,497,497%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1620340327088%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10727%26ss0%3D0.05%26ss1%3D0.05%26ss2%3D0.05&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.05%26t%3D1620340315545&cid=CAQSKQCNIrLMkp2WXD4qRRUy7qT7TLrqNfQegCHIoHm35-XLKBTL7Jq_gigV&dblrd=1&val=ChAyMjQ2M2M0YzBhYzgwMDUxEODc0YQGGgjUxXwugXKkKSABKAE&sig=AOD64_3NjH91dIglQBq2OaMYlvQwfWiZUQ&adurl=http://clickserve.dartsearch.net/link/click%3F%26ds_a_cid%3D85922208%26ds_a_caid%3D12897681005%26ds_a_agid%3D118933470662%26ds_a_fiid%3D%26ds_a_lid%3D%26%26ds_e_adid%3D518055251970%26ds_e_matchtype%3Dcontent%26ds_e_device%3Dc%26ds_e_network%3Dvp%26%26ds_url_v%3D2%26ds_dest_url%3Dhttps://www.interdiscount.ch/de/mobiltelefon-tablet-wearables/mobiltelefon/mobiltelefone--c411000/samsung-galaxy-a51-6-5-128-gb-48-mp-prism-crush-black--p0002109992%3Fgclsrc%3Daw.ds%26
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
s.youtube.com/api/stats/ Frame 6E59 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.198&rtn=19.017&ns=yt&fexp=21064201&el=adunit&cpn=tASCC0TeQHF1peuk&docid=vrSkrZv08sk&ver=2&cmt=10.198&fmt=18&rt=10.000&adformat=2_2_1&euri=https%3A%2F%2Fstart.mybluelight.com%2F&len=19.017&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::71 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
st
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:32:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 3F06 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d193576c47c95f2f27dd8c743b13acd7&pvId=d193576c47c95f2f27dd8c743b13acd7&sid=2422423&pid=10278&idx=0&wId=833&pad=4&org=0&tm=15871&eT=9&cnsnt=no_consent&wRV=2000339&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://start.mybluelight.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 May 2021 22:32:09 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
290a4dbaa41366a3cab3de9f0ed9abc8
Content-Length
4
Expires
0
90b64bdc05e626dc71af907aefda3bbd.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 87E7 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/90b64bdc05e626dc71af907aefda3bbd.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
683927ce48904f371f977c1240e074816187cbb6f96d66525a39f26230b7254c

Request headers

Referer
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:26:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 13:46:17 GMT
server
AmazonS3
age
32767
etag
"90b64bdc05e626dc71af907aefda3bbd"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
71178
x-amz-cf-id
EL-i91H2K4HtkhRUar6nGWc60hCPHSUs20dLWBl0n1NdKAvtPk2O_Q==
be124a930734a3f1be09a1924dc7348f.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 87E7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/be124a930734a3f1be09a1924dc7348f.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63aa2fbb8b33647f08118e73651eb17f48dbc2d6da58d7868013d3ef083d5904

Request headers

Referer
https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC76whWm6UYMKRF9abgQe3_L2ABZP5pdBisLmbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_Q4PfwSrMG9f4K9Xnyjj5yBwyBLdMLJoqXoEO4j0_iXLqxa_klistxC7PUCYkb4u4OwEPEFX4Ae22o22C3iqVX2oAghRIpJKEB2SnxBqJmtJ1kisVeDqwdnW9K33NJcJS86FHOwAca-Ixl-cDUJFudqrjUm-xMrsAj4Vn6L-s7Jk7ltKdc07rCpa5YJfKeSuCYx3FqzewtLX_pOuAdePhjdAH9Tz7uhcpfky3Y_rYmJE1txVD6LFs9svveZ4iBEzcJ0S4KDL4sK6LAdO2UkVmIzsZie3zJnI0wAaT6sL_GR4QHiebU5SxsYv0qd2-yjUVl-qw8wATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoN3BBSeC1Z9KHhfFStb6WYg%26sig%3DAOD64_1oUPa_UsKVutRCTGKGw-8M1c_oAg%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-B3YA4nc4zIBsipOpoMrPjF-VPjizEERjb77cV_RJfcks1PJ5u5XGzbtprI0of6Dygtq88J-_RGz7MPpDVbtWOxjLZYBgG9po4OHtmDVy4sYY2W_WN7ZU6URBkhuGRrykR6Rp2KopkggJQTQEqLKZCpLKCsUA%26cry%3D1%26dbm_d%3DAKAmf-DPTrGIHTba5yRbZag0-wDK6PzJgwAucHr7KPCU9FD6uJF0-_cAzRrSq1BtMTY6_9BRGmX5S8V9kkXz1nj3v5G-vyBoHoA-XX3EnR_ThAUhzvul69yPiPiqTIa2OqL7yM1P-N89PrRBlDV2l20OKJfqx-ZWxUA_kRtyIsG4Ui8roI4d6HJQe03N4ZO0BTvoqQemuO8aqfMsIZrnSFkvg2eq8A9KfP_3mpMYx6buYnyMRbUa2r3So0kzQ0l_eAgvJA3dwreItfYCmTm0bXM4ChylFgPTC4EleQruf3vxz49lVO6vUtxjV_x2phRM_kITlD8mK1znY320pEauC0aLxM0XhvV4n6cUnv472niiIg4do_yLH3Q8LRqaNOoq0eswm4ECufgz95C5HGB5MDgk-JjqpviQPKh9bztqwB1LzQw1m_F_2nY%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:26:04 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 13:46:17 GMT
server
AmazonS3
age
32767
etag
"be124a930734a3f1be09a1924dc7348f"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1801
x-amz-cf-id
NIdCL3jOQXXf0co1hxa0dLTik07fTcuaPRRV4JkPJ0PXzEZDSHo4Wg==
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 87E7 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://live-tag.bannersnack.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 22:35:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:30 GMT
server
sffe
age
172594
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
expires
Wed, 04 May 2022 22:35:36 GMT
a2cff8615a63998ce9034cf542a708f3.png
live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/ Frame 3C99 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/a2cff8615a63998ce9034cf542a708f3.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4146cb33b13cbf63e7955f6a726ee15e584d1e64e13967910c77e8520376cc71

Request headers

Referer
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:25:55 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:42 GMT
server
AmazonS3
age
32776
etag
"a2cff8615a63998ce9034cf542a708f3"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
90817
x-amz-cf-id
tfoCk5koAgpBjRmdsHv1FegYrUm1BN5FnFJMWn2pJQhdUQughS_bHQ==
be124a930734a3f1be09a1924dc7348f.png
live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/ Frame 3C99 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/media/be124a930734a3f1be09a1924dc7348f.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63aa2fbb8b33647f08118e73651eb17f48dbc2d6da58d7868013d3ef083d5904

Request headers

Referer
https://live-tag.bannersnack.com/banners/bxnig8san/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H5dWm6UYMGRF9abgQe3_L2ABZP5pdBiqLWbp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgT1AU_QzeWgi_Z0c29mbW2xF3rK9M4De5lrtXP6m1wKTK2rT4MWBth30j6k-Ra4FvVtxa95RU12Hjr4iiYGB64C03aOsYS8tEnJPrhtlCGV3cZY0umwXVV6NFb8Q0MkKJ0Xxcyfg0fmeWsWsAL0CkDxyXgYUz8TVKXqS9Rm0UmCvAuD4-mfCfqmRyPCePME0B3GiC1Q2yPwZycQCw_L1fcJDzJmhLpztez99tm6mvLnQ4U9bgdHUrdaluUtyhsxRnbyIOVjNZwEHJFGtIS6QRTUhRoLbmw2ocU83dS_ozLCUV6ShkJachhHatIqOGuOXfV-liglCMfpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHYAKA5gLAcgLAYAMAbATrYu3C9ATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRopA5rDjHBkcTzvxbzbkv4dA%26sig%3DAOD64_0jOZYwbX-BHoC2D8tng9K4yhpSiw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-AsKV_G9Qmfi8F1iXMVr2bUQRawsJNef_qPTyfAwfjG6M-JQ1NL50YmLTQIo5RBLKp4hBqhFbFqVVAb8oXwxUxl25sfIuwadSSnXBhZ_ghpVu5rtW0fKwLa7LOMyWRywnOOHIU10DvFy7peMu42W-ixq4pkgA%26cry%3D1%26dbm_d%3DAKAmf-D7ATsnersCdrpAxQVZH74YiN__v6R-LA0yQahIxwmuRUxSCHzFEzA1ajkEe8k-MnNvGGe9DfKWAiPwK7UReKtbM1Dp2lfS_uglSg7440C3qLKmhMDx3v5Naau3vz6c72fn4imoWubwcOR0SKYAdEPQsjbn55j_9QWEBpGd_HMFxo9Qp7n1JI8LkhDgZsyh5aCRGUaBdqcVP92wLZkG3hvKfspPh98Fi78XKnASVdhYKhnIcsLLKSdZYdmAEyJJmP15IwOMxrGoXgKtJL6lOVXLNhGBCu1peur35GeuJy50CpbTVrT03E26u6N62lIScbEhxyFmG1dX8g_soTFCOtcqsY4fGId75gSpTAxTPTEBWC-whPHm3wqKcyd75qgvoOSOAZq2FFhLqLk3h5W6Eu1LmCVH1ZbXTuJJdYt8b5PqtLNflAs%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:25:56 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:42 GMT
server
AmazonS3
age
32776
etag
"be124a930734a3f1be09a1924dc7348f"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1801
x-amz-cf-id
aDX9D8w8FlrChaGMEDed03n_fbSB12hrOk0mVb-BtHivE0Dt-B1VIw==
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 3C99 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://live-tag.bannersnack.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 22:35:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:30 GMT
server
sffe
age
172595
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
expires
Wed, 04 May 2022 22:35:36 GMT
d65e79bd5e532a2ed627f2f1070fb1b9.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 83D0 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/d65e79bd5e532a2ed627f2f1070fb1b9.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
854bce7721bca315b8f6b096a0ffec2498ea7fa2e096fb9d8920f18a327a01bc

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 22:50:12 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
85320
etag
"d65e79bd5e532a2ed627f2f1070fb1b9"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
39663
x-amz-cf-id
ijX4PmcDu0tbbOpiIZ_T04K8xzv6Qjd1gJjiidUzK1wQaqMwaUXvqg==
a705a07561259f8d533887aa81956c88.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 83D0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/a705a07561259f8d533887aa81956c88.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57c864927d9c581cba66b9e26ee948842cc77e1cf211d13d845f6c6ce0daf7be

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsXbcWm6UYMCRF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTxAU_QldOKkl5vj1rePCUIZ_iezJurMotthR6XrWLnMdkI-zAa8YjnRvTaBkSzilXozbaUPYs-3RbpOj9WEky5EV-B3SJGFi--Tnc9pxBe9WO0ADEOudaMFNdULAhJ5g1VCDUKloxUEWrLlyTeEHLHvLsgVqpyIVBaG-Jy3j5Nb8l-r99_lHQw_EW3nZfBRowH5E-cxvoR-82MwmYat1kWWv5dK2AEsSd6SFuE7jEbdGxyl9d3sKrD1ADY-2TdqVH5i_fVauCPxx9is3kKsAL255VAmwLbgA9oULune5si4mEwfecDJ4FGmZXhcRgsstZuZV7ABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyNDecGgnwBI669VZLQBo2Q%26sig%3DAOD64_0g4YmrpUhmcr8mbkX3JY4bbRoDGw%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-APxEViDHoqe08WsdpfTvgXbvb_u0978C8NjA6QwEy_RAPb9WEYcAuAYdwsfJkyitWuWLiGXD-Uk1mtpi3ro8f6e6sMmXGtIiJgC77rUN0BQXk5-p5YGMgexlDxTz8vsFasgL-iweklfDW0Zd9PwXXnoT9WKQ%26cry%3D1%26dbm_d%3DAKAmf-CpagjvtdQdr8PnA_oYByU5jiTPyd3rqpH84SDOKLy6B3pWCLa7bK2CB4YN9bS3rdGojCOM878IHVb5CFAyHh25K8NxdiMPtdquI4wQtgJ7fA68pdPVbR4MyhA3JBtyADr0xtDQr3uQOX_MLDCSCyiTMEb1EKNArF7wIVXc3kQmKEL9i49bqX2NPy4smwWITxM5jAUfPsGFqAD_GpNkTLAx5iBupHHJrDrsUEVpkMr2jvgKvUw9LxNZ2kA4XEqV3BUJlgJiI67adlUT_9MZTqrJc0Y0WSTP3oHEglnxQgx80wqj4t9wBbpUPNRcXv5Wj7pZ7BL0Y0D-kXtG6k_8EbnXnBtW5Vze2rSj7IIkSFsAfc9MVs9RN2Uq-Z7891dbJa8TcL4Vc1XWQ5ViMD1rB0gAlxNSWvUBUUnhUf0elMXMtyJ1FqQ%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:26:16 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
32756
etag
"a705a07561259f8d533887aa81956c88"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3708
x-amz-cf-id
YbftdYvqxLo9KknnKkS4HArgFB5PBoYB0wqK7FJAaJ_TeUxlOoH7nA==
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 83D0 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://live-tag.bannersnack.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 22:35:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:30 GMT
server
sffe
age
172595
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
expires
Wed, 04 May 2022 22:35:36 GMT
d65e79bd5e532a2ed627f2f1070fb1b9.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 65E5 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/d65e79bd5e532a2ed627f2f1070fb1b9.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
854bce7721bca315b8f6b096a0ffec2498ea7fa2e096fb9d8920f18a327a01bc

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 22:50:12 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
85320
etag
"d65e79bd5e532a2ed627f2f1070fb1b9"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
39663
x-amz-cf-id
ZqDXmNM1TGQEaS3LLFR8z4qbV7SCD1arBRzbuZ15oVohj3i7fQqVgg==
a705a07561259f8d533887aa81956c88.png
live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/ Frame 65E5 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/media/a705a07561259f8d533887aa81956c88.png
Requested by
Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57c864927d9c581cba66b9e26ee948842cc77e1cf211d13d845f6c6ce0daf7be

Request headers

Referer
https://live-tag.bannersnack.com/banners/bumfrsqem/adtag/embed/25/index.html?t=1607347652&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAa7GWm6UYL-RF9abgQe3_L2ABZP5pdBi8Labp44N8C4QASCtsashYPWVzoHgBKABjM-R3gHIAQmpApnobtlGd7I-qAMBqgTuAU_Qn26a3csvo5Uwz7SUWZOa9fMu92-0D4LguiZtb-J5TW290vwfSotkzuiDkM_zX2CFAtRfGhVLtwjVIp-sgBo7fScovZbNGTNnOVRRBUfuBh0-PRYhJBY5Lp76dkl4A1Vp09P8RqnQoM1woNTfI-sWRmadNI77W6mhgbF64YJHNSFXNnfQS5l4tGXngsKy_FAiCUKtBm-7zmKST3YNv8gjVQkKgGEc-bq6epJ39eIpw8Rv-Cm_sSc7AbIf84jSrYManqmDEfcrfcPK0pLA13_51VmGafL4B42i4qL8DqcPS4ItSAFa5cwDcH4pb8TABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2B42yRIHYTnql7LZDFeweA%26sig%3DAOD64_1IDDT88AgBX6nkbhKbrF8PUGegbQ%26client%3Dca-pub-6365448587002371%26dbm_c%3DAKAmf-BZFOc8VK2sUpmFWlJuWh_ZZfMjJt6r0LICqJEc1neZgi6gVRM90Vp5Q3886sxrX-DlQwTgMGCbCjDpj5e-FfKMJSOKvvxLzXgBT5hT0e_dB_nLqP_1SkcOvPOpX0PsMxEoX0uROT3mkLO_7ZsjXkNeM5dnYQ%26cry%3D1%26dbm_d%3DAKAmf-C45xxJVMle2Y0zXyVO2ObVzdRlv05nLIPEX9neH_lxh36kBdYuQnsocFaze6i-6RZLvPv0sRCTZ30ReOwO0E6oYnWtLDlU6sl4ngbuF6Hkw38AXWx4Cksf73cI9ltIa7rpfgvwsZoN8QTY3W2ngoVt0jwZJEZNnvgRSvuUgar03i83WOyI09RF_3d9w3SMcRWW0jXaN9-jkjoYnesue2JiTnQpgKCsboUbgJaNb10fGrggKDlvScwylh_zdGTx8YWakPcqmy1po13dkEu58CZCHMNtVqbc1ESeNMJJmCQvSHEWMAnA-VI75f2uqeEH-OSDGv7siEAj3px5IKhHTSeYNf02Lbo-fLfQ4qIsPwSb1cFe5hBbnc8QLFpTlpwk0X-mCXi7-WbXxY_A2wQLIR0rw1n2Pb_3ExJs3BhXVKinfraFlaE%26adurl%3D&userId=41947456&networkId=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 13:26:16 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 14:06:43 GMT
server
AmazonS3
age
32756
etag
"a705a07561259f8d533887aa81956c88"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3708
x-amz-cf-id
M-6jxx2B6zWuCc2t3eZMgw5ZoPtae34E0usqsrxwGIhKN0i8IJtlCA==
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 65E5 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://live-tag.bannersnack.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 22:35:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:30 GMT
server
sffe
age
172595
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
expires
Wed, 04 May 2022 22:35:36 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8CE8 		42 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3154W26UYKKhC5rl-gaKwID4C9yNmcVix8nkvuINsJAfEAEg0pbmOGD1lc6B4ASgAe3xtdoDyAEFqQKZ6G7ZRneyPuACAKgDAZgEAKoEpAJP0PWFkLZ4hiSwvcK_AJ1VX32oyRHEdxiXNuk1MLcOWxs4PzS4ozhvIyWL6t6BtrdftOklDopYZDCvT7FcQA0Wd4KXmnreni2Qw4N_e81LxGcIYiNo9OUSJW7ZbfSAgmGKVuhq8xDv8_fKRNd7eRKvOGR1rMUHgFvyVs5XtP6qwZptV7Uh_bORRIIbjljswOz30AWCu8D4W9JaoIzclJ5qxFu04FE6-izj2A7394DeS53ABMC3YCFQxOQSNVFV9SZ-buL9rxq0oY1inCDwjCCnRsUuUjbmCXnGeI3S5vXxnFgPOj2dVDf1ywD06o-x9tJHEhiQwEky7XhZx7v4UXCD96xAF1BhHwTxXWSF3WzkggAlTQrnpSB-4Sn9XKgcpT-AlHypwATG-_KHuwPgBAGgBlSAB7C58SmoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY1MDg1NzM4NTQwOTg2ODaACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=fZPmrJobJ8k&cmd=Ch1jYS12aWRlby1wdWItMTkyOTYxNTY5NDM3MzEwMxAAGAI&label=videoplaytime75&ad_mt=14448&acvw=sv%3D894%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D585,516,838,966%26tos%3D14978,0,0,0,0%26mtos%3D14978,14978,14978,14978,14978%26amtos%3D0,0,0,0,0%26mcvt%3D14978%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D14978%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3607%26pst%3D554%26dur%3D19017%26vmtime%3D14448%26dtos%3D4748%26dtoss%3D4%26dvs%3D4748%26dfvs%3D4748%26dvpt%3D4748%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4748,4748,4748,4748,4748%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1159%26femvt%3D0%26emc%3D76%26emuc%3D0%26emb%3D76,0,0,0,0%26avms%3Dexc%26qi%3D679419909%26psm%3D-2147450881%26psv%3D-2147450881%26psfv%3D-2147450881%26psa%3D0%26ptlt%3D1620340331338%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,14978&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1620340315545&sdkv=h.3.454.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3MzExNDk0NDcxMTIMNTE4MDU1MjUxOTcwQNwCUiAQDyUAAMBBKAE6B3Vua25vd25CB3Vua25vd25I1ARQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 May 2021 22:32:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aq
capi.connatix.com/tr/ Frame D9A3 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/aq?v=116015
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.99.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 06 May 2021 22:32:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://start.mybluelight.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.deezer.com
URL
https://api.deezer.com/playlist/5106688248/tracks?limit=100&output=jsonp&callback=jQuery2140509967834300761_1620340313606&_=1620340313607
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYxOTNjNzFkYjY0YzdkNzk3NTlhOWIwYjYzNzYwYTY1YTE0YWNmZjM0MWI2Y2FjZWNlM2VkZTE0NWM0YThjMjAiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZhNDA5MmNlOTc1MjRhYzcyY2NjYTVlNzY5NzI5ZGVkMDE4N2Q2NDg3MzA2MWM4NTYxYjYyMWRmZWRmNDczNzgiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhhYmVjMTkwODI1NWRiZjAzY2I5NWUyMDkxYzM1NzFkY2Q1NmJhNGE2OTEwZDEzODkyMzFkODlhMjA2NDNkMTMiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFhODE0YmM4ZGVmNjVjZDFlYzhiN2JiOGE2MjcxOWZjMjRjMGMyZGE0YjYwMDI2ZGM0MDVlZTMxNzkzNTU0MjMiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZhNDA5MmNlOTc1MjRhYzcyY2NjYTVlNzY5NzI5ZGVkMDE4N2Q2NDg3MzA2MWM4NTYxYjYyMWRmZWRmNDczNzgiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYxOTNjNzFkYjY0YzdkNzk3NTlhOWIwYjYzNzYwYTY1YTE0YWNmZjM0MWI2Y2FjZWNlM2VkZTE0NWM0YThjMjAiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhhYmVjMTkwODI1NWRiZjAzY2I5NWUyMDkxYzM1NzFkY2Q1NmJhNGE2OTEwZDEzODkyMzFkODlhMjA2NDNkMTMiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM1ZGU2YzU5ZGJiMGY2ZDM4ZmQwNGYxNGZjODZkOGYwMTY5YWM5MWVjNjczMDRlMTdlYTZmOWVkOGUyODUyNWEiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZhNDA5MmNlOTc1MjRhYzcyY2NjYTVlNzY5NzI5ZGVkMDE4N2Q2NDg3MzA2MWM4NTYxYjYyMWRmZWRmNDczNzgiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM1ZGU2YzU5ZGJiMGY2ZDM4ZmQwNGYxNGZjODZkOGYwMTY5YWM5MWVjNjczMDRlMTdlYTZmOWVkOGUyODUyNWEiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhhYmVjMTkwODI1NWRiZjAzY2I5NWUyMDkxYzM1NzFkY2Q1NmJhNGE2OTEwZDEzODkyMzFkODlhMjA2NDNkMTMiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
images.outbrainimg.com
URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZhNmIwMmQ1OTNkY2ZlNmRjNmY2Njc3ZmY4MGQyYWJjZWE3MmVmYWY0ZDJiNzkzZjYwOWY0NzlkMDgxNWI0YTUiLCJ3IjoyMjAsImgiOjE4NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Domain
prebid.digitru.st
URL
https://prebid.digitru.st/id/v1
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2ec6d0c9-dee6-42bb-8480-72adfb575022&gdpr=0&gdpr_consent=&us_privacy=
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=42796&in=1

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| MobileDetect function| $ function| jQuery string| userLoggedOn string| brandNameLC string| envDomain boolean| isLoggedIn function| getUnreadEmailCount function| getAbsDimension function| isDivFixed function| pointerPos function| positionTips function| showCustErrors object| spTips function| showTip function| removeStaticHeader function| updateStaticHeader function| setStaticHeader function| staticHeader string| href string| loc boolean| iseyeblaster boolean| ispopup object| last_popup boolean| bShownOverlay function| getCookie function| getCookieValue function| getCookieDomain function| setCookieValue function| setHostCookie function| areCookiesEnabled function| getURLValue function| isEmpty function| setfocus function| popup function| popnoscroll function| PopUp function| popunder function| image function| popLayer function| rights object| errImg function| myErrorHandler function| logPageViewData function| eow_login function| eow_overlay_check function| getPageSize function| callback function| set_domain_cookie function| run function| set_untd_cookie function| exec function| send_http_request function| pause object| BandwidthChecker string| CONNECTION_TYPE_COOKIE_NAME number| EXPIRATION_INTERVAL string| COOKIE_PATH string| destination_url string| cookie_domain number| _throughput string| _connection_type boolean| _semaphoreCT boolean| _semaphoreRDB number| count function| onlyCaptcha function| validateUserId function| logonValidate function| setTakeATourCookie function| setDontShowCookie function| setKeepMeSignin function| setToolTipShown function| getPhoneNumber function| userConsentForAdsCookie function| showUserConsentOverlay string| scheme string| webmailServer string| myServer string| contentServer string| feedServer string| capid string| pname boolean| isDialupFlag function| logout object| ourDate number| beginTime object| ctcookie number| randid object| trkImg string| url number| toph function| callAjax function| getWeatherInfo function| json_weathercallback function| getPhrase undefined| jsoncallback function| getCarouselFeedLink function| getImageFeedLink string| topSearchKeywords function| topSearches number| endTime string| p string| CONNECTION_TYPE_BROADBAND string| CONNECTION_TYPE_DIALUP string| CONNECTION_TYPE_UNKNOWN number| CONNECTION_SPEED_THRESHOLD number| screenHeight string| accelUser string| memberNumber object| CT object| __asInfo function| getAsPageName function| getPosList object| imgObj string| GoogleAnalyticsObject function| ga function| sendTracking object| jQuery112302609550595662353 object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| city_Name string| state_Name string| weatherIcon object| __as function| __uspapi object| ats object| apntag object| googletag number| nearestNumber number| elapsedTime number| sizeInKBits number| kbps string| cType object| ggeac object| google_js_reporting_queue object| criteo_pubtag object| criteo_pubtag_106 object| Criteo object| Criteo_106 boolean| apstagLOADED object| apstag object| sovrn function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _33Across object| cnx_usr_storage object| _tynt_jp number| hc number| _tynt_gpt_iframe_id object| _tynt_fixed_offset_parent object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins number| google_global_correlator object| closure_lm_814396 object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager string| currentTagSRC object| GoogleGcLKhOms object| google_image_requests function| cnxAddEventListener

15 Cookies

Domain/Path Name / Value
.taboola.com/ Name: t_gid
Value: 4bf6dfe7-8304-4a92-b383-5051e3339845-tuct78df3e0
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwUbIyNDMyNDWxtDQ01lGyMEXlm5qh8g0NUPkmxsj8WgCbkRBY
.lijit.com/ Name: _ljtrtb_56
Value: RX-59e2dcb9-394c-41f9-acb5-fe82b55d215d-003
.doubleclick.net/ Name: IDE
Value: AHWqTUmCbz2BOiMh3EY3LIZw-Al1aNQ0XPQJSaEcBXU1eOEV1GprgbkFKhSLVqEMjZA
.lijit.com/ Name: ljt_reader
Value: 75dceddf9fb94857879a4914
.pubmatic.com/ Name: SPugT
Value: 1620340321
.lijit.com/ Name: _ljtrtb_10
Value: 1871878969834174420
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3D16A8B2-6B0E-42C7-B409-977568EE93CF
.pubmatic.com/ Name: PugT
Value: 1620340321
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&16736-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23019-uid:f34d6094-6e61-4400-b50c-3f9391941115&KRTB&23114-uid:f34d6094-6e61-4400-b50c-3f9391941115
.rubiconproject.com/ Name: khaos
Value: KODGSI2V-1S-AOYY
.rubiconproject.com/ Name: audit
Value: 1|xgBM5lU22n9DJRLo+7YlFVU/Xans9JLwm9EFl7noO6PUO011+CdIngwPAQ92h1Vxfbh4RfKdJ50wHTRO1/p4iOjzaPPEMpu/gAvqt9yXqoBh0mYo3IaOqYddAQvmsR8P6glTSr/VUG97zt8Q/D4mbxtLohvcKqYe8Bwe+VL5/WsuQRjXJ6pIhA==
.lijit.com/ Name: ljtrtb
Value: eJwVy9EKgjAUgOF32XWDs52dudOdmiEoYVIg3YRuGhFhYdBF9O6t6%2F%2F7P4KsWIu2k8SjDn5giWy8NGpi2fuB5DQ6PRAFrShIABQr4Uxc%2FNoEZWFyAdgyWkqo1yZScB6VJ%2BK%2FpCjTNHtxkWTVDtJ0Uyw0n%2B79JVaDsUKz3Y8hv3XloWZlFny2RcU1Hkus3Xt%2BgO2ac3LNxfcHoass2g%3D%3D
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_2ec6d0c9-dee6-42bb-8480-72adfb575022

4 Console Messages

Source Level URL
Text
console-api info URL: https://acdn.adnxs.com/ast/ast.js(Line 1)
Message:
AST library loaded: 0.37.1
console-api info URL: https://acdn.adnxs.com/ast/ast.js(Line 1)
Message:
AST library loaded: 0.37.1
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://start.mybluelight.com/start/sp.do?cf=EOW
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://start.mybluelight.com/start/sp.do?cf=EOW

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.rfihub.com
a.tribalfusion.com
a9da6642da90908de4f1cdce1b3b3aae.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
amazon-tam-match.dotomi.com
aorta.clickagy.com
ap.lijit.com
api.deezer.com
api.rlcdn.com
assets-jpcust.jwpsrv.com
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.eu1.dyntrk.com
c1.adform.net
c2shb.ssp.yahoo.com
capi.connatix.com
cd.connatix.com
cdn-sic.33across.com
cdn.ampproject.org
cdn.jwplayer.com
cdn.tynt.com
cds.connatix.com
ce.lijit.com
clarium.global.ssl.fastly.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
content.uolstatic.com
contextual.media.net
creativecdn.com
cs.chocolateplatform.com
cs.emxdgt.com
csi.gstatic.com
csync.loopme.me
d.turn.com
d5p.de17a.com
data.adsrvr.org
dc71fd501c84c295ee443e136c9ec39e.safeframe.googlesyndication.com
de.tynt.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
f.hubspotusercontent00.net
fastlane.rubiconproject.com
feed.untd.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google-sync.rutarget.ru
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
img.connatix.com
live-tag.bannersnack.com
loadm.exelator.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mcdp-chidc2.outbrain.com
mwzeom.zeotap.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.digitru.st
prod.perf-serving.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
r1---sn-1gieen7e.googlevideo.com
r2---sn-4g5ednld.googlevideo.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.youtube.com
s0.2mdn.net
sb.scorecardresearch.com
sc.tynt.com
secure.adnxs.com
securepubads.g.doubleclick.net
sic.33across.com
simage2.pubmatic.com
simage4.pubmatic.com
sm.rtb.mts.ru
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp.adriver.ru
ssum-sec.casalemedia.com
start.mybluelight.com
static.criteo.net
static.traversedlp.com
static.uolcontent.com
stats-api.bannersnack.com
stats.bannersnack.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tcheck.outbrainimg.com
tech.rtb.mts.ru
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.mybluelight.com
track.untd.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
uol-d.openx.net
ups.analytics.yahoo.com
us-u.openx.net
vid.connatix.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
webmail.netzero.net
webmaila.mybluelight.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagservices.com
x.bidswitch.net
yummy.consumable.com
api.deezer.com
b1sync.zemanta.com
images.outbrainimg.com
p.rfihub.com
prebid.digitru.st
rtb.mfadsrvr.com
ssc-cms.33across.com
104.111.230.142
104.111.242.245
104.16.39.14
104.16.88.26
13.225.74.107
142.250.186.162
143.204.98.66
150.136.26.45
151.101.1.194
151.101.114.137
151.101.114.49
151.101.13.108
151.101.13.44
151.101.14.132
151.101.14.137
154.59.122.79
159.253.128.188
159.65.196.12
162.55.6.210
169.197.150.7
172.105.232.22
172.217.23.98
174.137.133.49
178.162.133.149
178.250.0.163
178.250.2.131
18.159.187.109
18.195.155.181
18.204.252.247
185.184.8.30
185.29.135.234
185.33.221.14
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.86.137.122
185.86.137.132
188.165.137.78
193.0.160.129
198.148.27.139
2.18.232.28
2.18.233.180
2.18.234.190
2.18.234.21
2.18.235.93
2.21.111.28
2001:4860:4802:32::3
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
202.241.208.55
208.100.17.187
208.100.17.190
213.155.156.181
213.19.147.45
213.19.162.61
213.87.44.207
216.52.2.30
216.52.2.39
216.58.212.162
217.66.147.169
2600:1f18:612b:4264:b4a0:a8db:4a1b:4b37
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:2104:c600:1:a3fa:7cc0:93a1
2606:4700:10::6816:1857
2606:4700:10::6816:1957
2606:4700:3039::6815:c03b
2606:4700::6810:c172
2606:4700::6812:d05
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e3:101::6cae:b45
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:5d::7
2a00:1450:4001:800::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2006
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2016
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400a:8::6
2a00:1450:400c:c07::71
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:13::1400
2a02:fa8:8806:13::1460
2a04:4e42:1b::626
3.124.33.142
3.126.56.137
3.127.166.11
3.21.99.24
34.120.133.55
34.196.207.72
34.205.3.24
34.254.122.11
34.96.105.8
34.98.107.212
35.156.217.79
35.157.246.167
35.186.193.173
35.201.96.126
35.212.101.174
35.227.248.159
35.244.159.8
35.244.174.68
37.157.6.252
38.27.122.126
47.252.78.131
50.31.142.31
51.178.20.139
51.222.80.231
52.18.91.199
52.208.69.189
52.21.173.249
52.4.51.239
52.45.248.59
52.48.137.92
52.49.40.147
52.58.146.86
52.95.124.165
54.78.254.47
62.113.194.12
64.136.44.17
64.136.44.49
64.136.45.33
64.136.53.30
64.136.53.44
64.136.53.59
64.136.53.83
64.202.112.63
65.9.73.3
65.9.73.58
65.9.73.74
65.9.73.79
65.9.86.127
66.155.71.149
67.202.110.24
69.173.144.138
69.173.144.165
72.21.206.140
72.251.241.196
76.223.111.131
77.243.60.138
8.43.72.97
80.64.106.148
81.222.128.216
85.114.159.118
0123e9bc7a53fbeca38312713282fe939bc22a8baeb449a3217ac2c37d85df62
01a6bfadd0b3f21d224ec036d91b69e64fb17dd5f30c6e374986809e965509c9
02c26b6ef5d8f82cd0876a49ef25a6946bdb56d39db132c5e2913dc5a77a7f9c
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08e7af151e5e199c955ba59ab95b00bbbc34a2ff9a5b1ffc649cb05b5b43871b
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0a5a9579fb139ab98ecdafe7258605745508de23ce307ff22b0151e82eb37c6e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd525a199ef705111c4f54be61caa037e880afeae01776567d87b0bda08d0dc
0bd6d21ff95b42fa7bb0132bce824ea7dd68f7743c9526b64389b06a172f758a
0d7606a48d4c12cc2d0ef09401ec46db53d8424be1d0805534d7712441dbef20
0e4c1bd42e97617bc7f374a7694f589744bb36d8f5aadddb3cdd0bc5aa37a539
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
118a6ae711bf7dd4fb1ccab36fb393455c65c1731cc2f891c180b29227d176d7
11c74aed50911d54c04455fe1d9c04f42c5f6cf438a94976f890f25f2a59f699
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e71bc2c0146f162f4576466a6afe965f56e6226ae2cacd0e9e5195d0cdf4f4
14444e67faad8282ef044b591f9341b5275450dcf94ad3cbaa12e14303a8ac05
1680cef5511941e32a03b76fd612b97220908c5c774f163d7908ca145c062b25
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c517ee8646c295ecee64db1300fbc76648c6e8f39459cd4deace234b26a27f
1b2c34342ddaf03ab00f9251888556ff0b026d22094cdb0c40527f2c47ee746b
1bc13a75564c6146f9ecde68e8ce49a345d225fdf663c8486dad373e06d5fcd8
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1c33abaf9f5aa6a3183ce6f7c76cfb0820e2cdc1098c7845dec0214fbd2342e0
1dac9d0bbfe49d364e499947b6031879b9a58b62a17667c66d318bcad98de1be
1db969871c252b37b3b7e5e5e37289a810a1c50cde47c2baf91239acb35f7fd4
1de0329efc2318d33d0465562faa725975a514327d7c5e01b23e45d9501cb494
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
21010503bd5a4dc8a583e1cad55900988baf2078eac48f47f2fc2bd309a8369d
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
226ec1329e62a38391ba1a0ac74149638bef28a4b719c7ed3a8aa0da6cd71953
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
24542722400062f6587a69daec97eec648ccef60bae33f4de35a07ea6e0cb07d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2779960fddcd6bae4547affd9d4eac6d557ae7e2e3a756afb8b46f21a6a00133
293a55ecf8395b41ce9f3520d72cfc943bf09807aac64595855a8a380f76f19e
296e700243c64d5219a26e409e45646f0ec82eee4e87c83c973b5c8ff2ec29cd
2b010f07350ac14e9ec84110aae837135b707f050f8fdcbfe70e60e690704662
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4b9cd929a11b17e0e60bd59847ed9415873288642b2954a726ade34a75e2eb
2e78ffdd3c17b33f4c5393f6dc5a7871f975325c75b9c9aa9e1f965dd33dbd25
30232afad469007331a231fc6c57b5af5ab3021cb3c2099310dd1e3c98c3eaa6
30654defc778040ccd8fae70f843909f7949b50f367edf1feab456f7d5e52b77
30b250c89aa882cdf15a274e8e754f9b1f8106191180cfa81cd3c0d005f4cca7
31cc8bec04e7785b9ec1b885fc80298d22913e91f6675e91caaf0b9bc66de507
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33447b1fc76cec3cba308358ce3b18ba6d20cc051429123d085aedeff6d6ef1e
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35233737150ccafa09688c70fb8319ce78bf20c53524b536bd1d46c639c1a4e1
35d54aea0904a49c26427aa821f53f9d5c5297a5b9455ab526164f48f836d4d3
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ccdaf06e49eeb09afa15b1562bbe513dbc7fb4fba5046cea08c9d36e65bff2
36e801960d2570c3570d1efdef631b93f48a7692daf0c7b4543f2fbbc86fe94a
3822b9dbd21db190c087148b8e8ccc9961054a4941c9eb11637c64ece99139d8
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3ccf3ad0ae317d94ded082b5053c9a9f2cd2df63960978777a0c27e53e314afd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7af8a28d0e50d683729a8060c5bc5bfe416b589a68d34c19f19ff31a98b261
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4146cb33b13cbf63e7955f6a726ee15e584d1e64e13967910c77e8520376cc71
4231df8fb4004a36075df72d7ab5978e4505c535071e34f37b82eadadcdd536d
42e5fc7bef62c7e8bec2c699e6d48cb9ba52e2de0bf92d23648b27a1cb8f57a5
4515efa506e7eef88a2a03193a1d8524618b56886d9929ccf3029b7685688a89
459409c580090cce4725084cab76a0314405ad2ebac07868fb1581e69fcc8230
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4848007d24b12b03e2fb92095133138ad19fc228f786e27258b39e0e6f3f7cee
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49634a980a79d0a176f84f72f1c874904624ad90bb531df5586541a516018650
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4def9488fbd893619efff7718077c8521d0c9530c9256e8579db40338cafd823
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f65c38ed3681b49cf4f86c0e1fcd4143fa78015121b20e69e11c1c422dd0bfa
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5071917eca43e25495e51915afc517a05ef1a07bf1d62be4fee5ba91449c5599
51e693464802def15c11c473adf9e56ad2d9e48ae0080f01970967a79f96d5c7
530a7ec85c99a87c16767bea53210c18c3ec6c45449c931931276271d5b58bbc
5318e840176e55b911ac8b7e854b9d597cc41edd46e85b862e0262269ac16bf6
53e22408f0b5477c711dce11f452d5850c6f13b0d3cc46a916ac6da8453e84d8
548698a86d8383297555d927d88a52db704d64f53deaaac3c6bb6c5ff4a28903
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551b935a77c004908939b75f18bad914aeb49d0d66eff7708c6dfce8586ba34e
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55ec182ca829ac1d563ae550d998c3897adaf7796039ad04c05d651f959eb530
57c864927d9c581cba66b9e26ee948842cc77e1cf211d13d845f6c6ce0daf7be
57f11b2992a94d65f5b588f416b1af3161954bc2503941c09ec42c26de4e9d19
58471a2ef554df8a455cd050e725a2e3b6507ebc81e5e64eda08692d21f7c457
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
59b3db4b0458583d71e103e1f29b25d7bab634df12a0f31e5f1096a93ef5668a
5b39e6bc8c914a4c1a02fb556f0c84e2b4baa4d45c04a00039e4548da480574d
5b796c9a64100ed8fa396c46f1aa202af78bada81dabb8f9a52a8e23d6a3aca3
5c3a10c31c4c834647d34f017301ebd19dd29d6ec366169236d7de4e4a596a91
5efe0ae4bed58db3f3d879e1ee19e2cefbd95795fc1b8d6fa4cdfd19382b275b
5fdaa349d7c6604c4b5215c9335cf142c3d4e5c43b737b20876d5e82bb3f6a04
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
621c104d4e3f1de7d5244e3c8fd4509d59716d2dd53b8fe8306a074edaa0bdbe
62c51fbde161d009953daecb2e19983d2ac158ccfa64aad24bcab6ba1db46c4e
63aa2fbb8b33647f08118e73651eb17f48dbc2d6da58d7868013d3ef083d5904
65fb4af05f44d6853cd36e4c88ec6b4f449784a85205609e7543537f0bca361c
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
683927ce48904f371f977c1240e074816187cbb6f96d66525a39f26230b7254c
68ceee2bd53966ab642387037a12e55ac2315bf1dd353005b33c54f5ef0a4256
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ba6cfb901156845a6d571c65a55728e59509155f4c05f49a9fc42c2682ee367
6cb4884d70212e14ae7395c4181769f6f19ce89d10055b513f766a655bc5e1f2
6e42eb7f22d641ef8a61e4eb669df3370ecd74dc0c9c4865841f57037c508659
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
70deb9da89eb540d2fa684a9306a1bbceb600fb6e4d83bb348b8d4387fb53efa
711e6895c1e81a4ba7a3ea582360a538c178a49be8472c5119f50345ea597ea7
712e522aa363e7e1e24d3b5637d39d93977c1a7536408f856fe52996a43e1ab5
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
724430b3648c7ae68f5208e22c67a56b632f6299c4c25ad457f8424fb4e911ac
72cd1c0961c5e83168f998c70150c39d60a5113be957be004cad03ada6539fee
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
744dd8e2599d64ffca3f986dc0eec9b06a30d937b7eb36aaa2ab42aca5feb383
76f2dfb68489d6baf38601ad7f69d22374b530370bff89ed6ad60faa2890f5b5
7729a1e838d2bd0839f9d367d81d24116b8b99e1bef09c094afddf445f01f34d
783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21
7afda841e3abde56b0cfda49f53150ce15d814cb8bf949d3a2fd170c45efe48e
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fed343e409c8fed4497bf726aba31f49710aa088b534acd821f188f7bcefb48
80cb8b77c2e22b243800225d70f207fef4900b9bb61a7847769d099bfe82a23c
8271f85ade371e892640ee4a692554c83298cdb194dd358b62b2ba94dbe0a071
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854bce7721bca315b8f6b096a0ffec2498ea7fa2e096fb9d8920f18a327a01bc
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
86f84762dbc511e4c949982921c7a7e649036d9a942392a28881e8dab17e6b5d
8713322a5eaef2c29558258a138a0be0d24c0badeaba46f8cec8419b2e486440
873836fba496d5a674f96960ae28c14f052d5bd15919b93c00d3cb0643033e7a
8786ea05fcdb361c9f5bf875ad59965c141a27fcc7b99c6462a76ab35180dc5e
89d8b796a471df6e63ffe88be81dfaf656ecbb57a2ac802d604f697c06b20da8
8ad3241e0660687718c6c548ba357ec4ecd8791d43bb3e11d4ffd18c94007a3a
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3ea8af93fabac9410d8ef45f25162c360e4f3be26b7cc304dc4000ce3cd733
8ec2aa4cf59bc0c7f0e39c7b2ef1c982f040478c9d3c3cbb9f6bf3e510831c87
8eec042900d799bfe65a2455927946f3bcdc6c2282b4a4e7ba749c95ec579770
8f479d5fcbf0dfe9d2c861288bae3467b3063bde2a767ba2da6ef4de0c14b76c
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
909701f338c95b37e912e5a5c7b87d7ea9c253b893a464352c8fbaba236e4f92
90cb6519104e8399a6e7feea9f3b825afc73c87eb9017581da07bef4c584f8ee
91881ad7d4097fba9b028ed7a8802f47fafc80481b7672edfa33ad5977c3bf3b
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9365d1378568455d4ceacb9d6ca1699bb3318d564d46ba2f9d2acf683ab35440
943143268deefecc556f378eea4ab1f0a6c576da0d776310d8068b1954b763f7
944caf7dcb1b06f433f1dfca88ef55d52546ca2f99ebf5027890957fb1d325b7
95557e4b4b2aa0101cbf163cf32b97fd663b0b10db5e52f66a50d653725d4be1
972335fd3c0870bc4b15685e71260f07d959d779d302a0869145bf446892ea26
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cd58fce5ff7afd625c8e887719242e31afdc0bbfd418eb34d1eb8c9789b84a4
9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b
9e915db7e7b939baa2f601d36b96b2638ece7d9b703fa1bc1bbe893f36dddc25
9ff75b07b679b038da08955f58b2c32940a82005f22d4f7138259dfe9fe80635
a048a9a193caa54661781d13db545442912a1ac76492acb4a4b2e936ef5810b4
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0bbe5990274f939f4e90f0bd0da003e6485edd3e553c3120e085e89931f9f0f
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1e4d181fe3c347b68134636dd500d294e60dbe66357a83bfa32c78a957cd34d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2be4d1e700eaf4328549b773d1f9c6345dfafd916614b47c4a9ed40d28bd023
a30a4a350b665415cb951d678d4d3d24afbe2dce719abf4e7b97128ba03cfdb3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a628979bbae350718233d3a7bca320732305a1b56187a2d61ef43510de5c4825
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8ef3ac7657f304a7f6ecd13213289a1014a2e6421224c9c20d98b3f2867f47c
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
b0ac6a3c5c74f465fc9821d312afa62b12e87983e4264db699d35311ccbcd601
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1612dc8c7b4a366340bfbd1f7dc21759ba0ed8b9912add21238468ce19665b1
b2b279ece006b0e9d263bf7bed8f9c0a1435738db4dff2c57e13d1efe98900a9
b3587f3fd7ba020037a928372ed6080f0f36fd5aab5300811e5eca31d5a74d81
b3c95078f581f7252c3894266c07132443db49466b78642faca28f18e8614f8b
b583ac1a3d3916bbb7be40021cac162fe65f3ad9dddc93317a4e0d0000ef0b2d
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b83531b52ab388ca2e41c92b3e5916127ed04b6286cbe1192c802640beeb078a
b91f676bed98332eb3f886d320446ddc68d2872d9af542a1ffaec182cf90ef77
b9517f28fb51171cbcace1fbc240edbaa95a935aa6eede6379f6d1d0057e8857
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb5ff41b830d18a69aa2fad2570ff9c34130430d3d8d7e183567c253e22aae8d
bec558803cf18dc8e707f1c98a5d6903988dd250ae909ec27b37bdd2114a16d6
befecbb3ee2737f4ce352fabb9721cc083002ddb875ff63fb787113421a41deb
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
c134a62536fcfbd3017774119bbcbd5365432911d8763e43e9583cef68768d05
c1fc732fb5f1253f540711777e5fb90703a1a6ea1520ec27eedab51361744e38
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23ebfdfbad6823ba4002465ad8d0dfbfbabb09e93f4084cd971896386660c74
c2857dfa0c52ff3b5dd84b6af375e6cf15964972b26f9b7c015a5b4fda085ce9
c2e6d9bb16c312f695a12201f9002cf231ffa3f49445cb0bb629bfbcef5695e4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c668b0c96accf4a56efc53a4a81fd926e98826c0f2babfc7a6debbd1468c71df
c76775dea2af7bbf373076de2864a319e917e18d219923ddcf1125777af28878
c78c0b34dd7efde9294129cabaac1cf502f9d99a097e7706eb7120c48e42b677
c8dd6eab03b23e069d9086f9a17f8bd6f53f373fe18278ac9a60b88dd8af9a25
c9c58e2aea98de3196b45cfbed9c7b2e91b5384ed6d64f86d35be8c4ba73bccb
cc36ae6b63777193d07a34c3c3e192a3302ce00a8a2e35efc871ddfa1a6d2b55
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd43e2ff94fccb39f756a6a4e87eeec4a2be6f40ce297fb8e122ac87d72a0355
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8bea8a81da7dade0056dae24e1ba506930812f1248364c445be02f8f43483c
cf9e1feca5d1df9a85b3647d8f55978c11cf9461cc74a1e505b87bead2645bd9
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d26038195ab27931c1d7b7ea8c9b2d893624a9d028e688116f0328f5d691ad89
d46049fef836e911d6bc24de9faefb4aaf51904ff500a988926a3af531ad4634
d565ea94d0c69827276438316106be3fb0291cf2a30211634b99adb27bded566
d762c0ab92d46134c186e1a5c1c21ed4484836560ad255af4d3937c30dc983e7
d848b8739fca8cb05a91f34fa152719ad035b7a7caf7ffe45953d447e8818495
dadb0fbe548c7f93abe6c3b34ea76492273060c55e5f0799f7a98d0a2d40469b
db19328dc1a4880732e831fe19e72a132b989ba777d221521d766e93172c1376
db823713172af39a01c2a7c3dc3d5bea1d41acf9b5f001ce28420293e548a331
e15a93834f6ff26c0d7f39445fbd3220ddcb5643e6fcc78df0cd9ce4953c52e2
e2c32e5f25f6c2c7f79bf963ede635d2d1d420d58f23413c68a419e3de9db05d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f5bcb7f8edef1979e6de5a327ed393f167230dba2f40c71b4f6a4e6507ea60
e790f51c3078bfd9d2a92640d3e884b00206e6aa932f12ffed16f01eeb0bcb54
e7d49cca61290be8f37223db523fef0f0b39fc9f894f75143c8784077fde395d
e7d9862600738e86e113c8b52c9b52cefe413cdc8d7178c48acd3c5cce9ca4f6
e89e112dabd3964ab457435f97cc6f90d4f93dd0eb2f3d519f783a538370d590
e9c692bd0c30a7bbc17154b2be4e32f407c11db5098a9a4a02ff148dc4754eed
ea4adc7bca7ea4343c5a9c3d146970155a149f41fc70f47cf0977860d76e9d85
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c022aff023cba27a95c593e440595dfb6f16413a18483866e74a56e2563db5
f237dbce70a08310ddb180c0d0ea077e07d6b9efd19d9c990aa174be0a569343
f2e3d7f89251325b4d8918d46a2d569fd3340df1ce6d453c43459d6e54818bd7
f4236591748038ce6b9c43827bd8f862c51aa550525d6c5fd2443a0c89234766
f6d17e9013bae788509b25803c0e1d09c13bcd6ee62fbed2c76a1de08ec0c0c3
f849286e80a1fc9cee783eb24520b0d27e7086cf3a96d5071f249e49e4da015b
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
fa21121e62cdbfb40b4c81f67428faeea8ed0d9af4943f285019645c9fd90f85
fac315f36acbafe16ba7f6700cb28dd13be5b5624176cc2a5b40a61db63f0cd5
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fcfa6aee5d982d83a5f5cdec3c3a0783b23b45cd665658935d2cea33317aef67
fd34ec8ffdb9c1ff366bfff307840b945bf3df04ae324fc8a25af4c47bbae918
fda66347f754500639a66bd23e4bb776ff697494961e6c6c369a7354fdba137a
fdac25284d6e12e8ad48ca8d9d2c8fc9b59682bc14c169bd702efb5b548e21f9
fe4cf4be31252f80b04b22bbddb86819cc2f18998e059fd11597f431807b708d
ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0