blip.fm Open in urlscan Pro
54.163.233.121 Public Scan

URL:
https://blip.fm/bridgecase3
Submission: On June 18 via manual (June 18th 2021, 12:28:35 pm UTC) from US

Summary HTTP 192 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 50 domains to perform 192 HTTP transactions. The main IP is 54.163.233.121, located in United States and belongs to AMAZON-AES, US. The main domain is blip.fm.
TLS certificate: Issued by R3 on June 1st 2021. Valid for: 3 months.

This is the only time blip.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	54.163.233.121 54.163.233.121	14618 (AMAZON-AES) (AMAZON-AES)
7	13.32.11.130 13.32.11.130	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:62:... 2a04:4e42:62::760	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.219.96.56 52.219.96.56	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	13.32.5.125 13.32.5.125	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:210... 2600:9000:2104:ba00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 16	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:5... 2600:1901:0:524d::	15169 (GOOGLE) (GOOGLE)
18	2600:1901:1:c... 2600:1901:1:c36::	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
5 20	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	184.31.88.106 184.31.88.106	16625 (AKAMAI-AS) (AKAMAI-AS)
5	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
6	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
2 4	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	65.9.77.72 65.9.77.72	16509 (AMAZON-02) (AMAZON-02)
2 2	18.197.99.6 18.197.99.6	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	88.99.65.215 88.99.65.215	24940 (HETZNER-AS) (HETZNER-AS)
1	65.9.77.81 65.9.77.81	16509 (AMAZON-02) (AMAZON-02)
2	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
4	54.73.127.151 54.73.127.151	16509 (AMAZON-02) (AMAZON-02)
1	99.86.242.87 99.86.242.87	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::2013	15169 (GOOGLE) (GOOGLE)
192	55

19 54.163.233.121 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-233-121.compute-1.amazonaws.com

blip.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.11.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-11-130.vie50.r.cloudfront.net

d1uswytv6491xe.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:62::760 (United States)

ASN54113 (FASTLY, US)

sdk.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.96.56 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

empowerlocal-plugin-js.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.5.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-5-125.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:ba00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:524d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

apresolve.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:1901:1:c36:: (United States)

ASN15169 (GOOGLE, US)

api.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.53 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.88.106 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.238.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.150 (Lingenfeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.64.38 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.99.6 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.81 (United States)

ASN16509 (AMAZON-02, US)

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.29.72.47 (Croydon, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.73.127.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.242.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-242-87.vie50.r.cloudfront.net

analytics-wg.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	doubleclick.net 8 redirects stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net 5994599.fls.doubleclick.net	217 KB
28	googlesyndication.com 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	123 KB
19	spotify.com apresolve.spotify.com api.spotify.com	2 KB
19	blip.fm blip.fm	709 KB
15	redintelligence.net 2 redirects hal9000.redintelligence.net hal90008.redintelligence.net hal900011.redintelligence.net	67 KB
10	youtube.com www.youtube.com	684 KB
8	webgains.com track.webgains.com diapi.webgains.com	30 KB
7	cloudfront.net d1uswytv6491xe.cloudfront.net	18 KB
6	webgains.io analytics.webgains.io api.webgains.io analytics-wg.webgains.io	105 KB
5	google.com adservice.google.com www.google.com	1 KB
4	openx.net 3 redirects us-u.openx.net rtb.openx.net	1 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	googletagservices.com www.googletagservices.com	123 KB
3	m-t.io w-it.m-t.io	490 B
3	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	37 KB
3	amazon-adsystem.com c.amazon-adsystem.com	36 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	37 KB
3	quantserve.com secure.quantserve.com pixel.quantserve.com	10 KB
3	scdn.co sdk.scdn.co	120 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	32 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	938 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	teads.tv 1 redirects sync.teads.tv	414 B
2	jsdelivr.net cdn.jsdelivr.net	311 KB
2	quantcount.com rules.quantcount.com	874 B
2	amazonaws.com empowerlocal-plugin-js.s3.us-east-2.amazonaws.com	13 KB
1	contentspread.net cdn.contentspread.net	45 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	582 B
1	1rx.io 1 redirects sync.1rx.io	697 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	travelaudience.com 1 redirects ads.travelaudience.com	612 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	480 B
1	2mdn.net s0.2mdn.net	413 B
1	smaato.net 1 redirects s.ad.smaato.net	428 B
1	blismedia.com tr.blismedia.com	136 B
1	googletagmanager.com www.googletagmanager.com	32 KB
1	awin1.com www.awin1.com	702 B
1	office-partner.de adv.office-partner.de	1 KB
1	google.de adservice.google.de	853 B
1	addthisedge.com v1.addthisedge.com	325 B
1	moatads.com z.moatads.com	1 KB
1	addthis.com s7.addthis.com	114 KB
1	ampproject.org cdn.ampproject.org	21 KB
1	medium.com miro.medium.com	36 KB
1	cloudflare.com cdnjs.cloudflare.com	13 KB
0	netmng.com Failed google2waycm.netmng.com Failed
192	50

	Domain	Requested by
20	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
19	blip.fm	blip.fm
18	api.spotify.com	sdk.scdn.co
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	tpc.googlesyndication.com	7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
10	www.youtube.com	blip.fm www.youtube.com
7	d1uswytv6491xe.cloudfront.net	blip.fm
6	track.webgains.com	blip.fm 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com analytics.webgains.io
6	googleads.g.doubleclick.net	1 redirects www.youtube.com 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com blip.fm
5	hal900011.redintelligence.net	1 redirects 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com hal900011.redintelligence.net
5	hal90008.redintelligence.net	1 redirects 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com hal90008.redintelligence.net
5	hal9000.redintelligence.net	7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com hal90008.redintelligence.net
4	api.webgains.io	analytics.webgains.io
4	5994599.fls.doubleclick.net	2 redirects blip.fm
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	empowerlocal-plugin-js.s3.us-east-2.amazonaws.com securepubads.g.doubleclick.net 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
3	w-it.m-t.io	analytics-wg.webgains.io
3	ups.analytics.yahoo.com	3 redirects
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
3	c.amazon-adsystem.com	empowerlocal-plugin-js.s3.us-east-2.amazonaws.com c.amazon-adsystem.com
3	sdk.scdn.co	blip.fm sdk.scdn.co
2	diapi.webgains.com	track.webgains.com
2	ap.lijit.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	www.google.com	7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com tpc.googlesyndication.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	cdn.jsdelivr.net	empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
2	pixel.quantserve.com	blip.fm
2	rules.quantcount.com	secure.quantserve.com
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	ssl.google-analytics.com	1 redirects blip.fm
2	fonts.googleapis.com	blip.fm hal90008.redintelligence.net
2	empowerlocal-plugin-js.s3.us-east-2.amazonaws.com	blip.fm
1	analytics-wg.webgains.io	analytics.webgains.io
1	analytics.webgains.io	track.webgains.com
1	cdn.contentspread.net	hal900011.redintelligence.net
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	s0.2mdn.net	7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	rtb.openx.net	1 redirects
1	tr.blismedia.com	7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
1	s.tribalfusion.com	7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	www.googletagmanager.com	adv.office-partner.de
1	www.awin1.com	7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
1	adv.office-partner.de	hal90008.redintelligence.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	apresolve.spotify.com	sdk.scdn.co
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.google-analytics.com	sdk.scdn.co
1	www.gstatic.com	www.youtube.com
1	s7.addthis.com	blip.fm
1	cdn.ampproject.org	empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
1	static.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	blip.fm
1	secure.quantserve.com	blip.fm
1	miro.medium.com	blip.fm
1	cdnjs.cloudflare.com	blip.fm
1	ajax.googleapis.com	blip.fm
0	google2waycm.netmng.com Failed	7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
192	70

This site contains links to these domains. Also see Links.

Domain
www.locksmiths-r-us.co.uk
blog.blip.fm

Subject Issuer	Validity	Valid
blip.fm R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.scdn.co DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-09-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.s3.us-east-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-14` - `2022-01-18`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-05-06` - `2021-08-03`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.spotify.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-03` - `2022-05-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
adv.office-partner.de R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
contentspread.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
w-it.m-t.io GTS CA 1D4	`2021-06-07` - `2021-09-05`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://blip.fm/bridgecase3
Frame ID: 87BA9E596E0507112DE191E06B7EC53C
Requests: 63 HTTP requests in this frame

Frame: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
Frame ID: 15C22DB47AC9EC3FAB09790EE1A3CB4B
Requests: 12 HTTP requests in this frame

Frame: https://sdk.scdn.co/embedded/index.html
Frame ID: 486AC14521BE2F4FCA42895234C8A744
Requests: 13 HTTP requests in this frame

Frame: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D6A23FF7B851B8E162C3A54C1D92A695
Requests: 13 HTTP requests in this frame

Frame: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 124AB1FECC0B63B4B6BA103F20849FA1
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNWeR4DVOzL-7K315a8sMhTpDytCd1qmgDLrKhJSTEGrtnslkcBOXNtDrs2NZprfjCEpoiuTaojNkm91P_9ynP2Hhm00fLYJGSHBS09NScqCebKAwCcshFR9uSIz3xeTC9f9eQwxCo5cSAIS0Z7DDVfN8etaJqBbDadJBBDAQefzSmzFWVI
Frame ID: 997DC580891E678A0D83386205616FE5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX4zZYLKUy3JfQVa05RkkOQa3t8nvb7Hdi2rg9HDTHNfLzPzEFLHvY8ugX9_VtITRnsbL9BDL9h-MKL9GGAcZJBa1k25ZiYt_4QkSlReWUNKrDA6ORH1uozye_C32RupLuErNwAR9Ouy6_Tt6fFk8T2JXOIUPOf4mJ-sOwySOJkiOX_794
Frame ID: 6C06C2F4563ECED2400F0A06C3A10C3E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 277F9078D50A629C0C13759EF62694C5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4619BD05EE4EA2A65FEB58772A38D3FA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 248D53778C452C8A5163E76911942CD2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4E75E5E9CD42B79FA2B6F116DA68FA0C
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: AD77910E1DD62144BB468D3580255C71
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKSyj6uXofECFSMdBgAdtT8Cbg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224
Frame ID: 8A17B69F60F83B2480F9CC62918E7D24
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=10938000076989800710612011629008&a=27475c85
Frame ID: D94DF296A2D43FA67239FE890FB2CDF8
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 92435890909F6B76C284555003D9A388
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COC7pauXofECFWQeBgAdu_YN8w;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501
Frame ID: 6CCAD09463D68D08C17EDD98FB65B92D
Requests: 2 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=99989400100492400710632011629011&a=c1f0df2c
Frame ID: FCE5AEA2AB09657BF8EB4860DD16EAF4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0F37C01F37DEF97F10FDE42BEF668004
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

Red Hat (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Red Hat/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js/i

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?\/vue(?:\.min)?\.js/i

AddThis (Widgets) Expand

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

192
Requests

99 %
HTTPS

47 %
IPv6

50
Domains

70
Subdomains

55
IPs

7
Countries

2938 kB
Transfer

8286 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.locksmiths-r-us.co.uk/wallasey-locksmiths/
Title: https://www.locksmi…allasey-locksmiths/

Search URL Search Domain Scan URL

URL: http://blog.blip.fm/faq
Title: FAQ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=108638324&utmhn=blip.fm&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Free%20Music%20%7C%20Listen%20to%20Music%20Online%20%7C%20bridgecase3%20-%20Blip.fm&utmhid=903683824&utmr=-&utmp=%2Fbridgecase3&utmht=1624019295855&utmac=UA-1449388-5&utmcc=__utma%3D171230451.1400390237.1624019296.1624019296.1624019296.1%3B%2B__utmz%3D171230451.1624019296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=175199453&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1449388-5&cid=1400390237.1624019296&jid=175199453&_v=5.7.2&z=108638324

Request Chain 49

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEzOjCCI_Z1BLKVM1eMxpgc&google_cver=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMyRYh8et4-Eb3mjrBFJ-gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEzOjCCI_Z1BLKVM1eMxpgc&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEFy-VPLV_6lpa_qSf3z_5s&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEFy-VPLV_6lpa_qSf3z_5s%26google_cver%3D1

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc1NDc3NDA1MzU0Mzk4NzkxMg%3D%3D

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKfzAHG6ehMyLMrLcfhfNTs&google_cver=1

Request Chain 104

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM4OTlmOGItYzM5OS0yNDRjLWUxODctZGJmZGNkZTE4ODE0

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEH2T7SzVSg3gG35qulJ6te4&google_cver=1

Request Chain 106

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDQ4MDU1MjBmYmIyNzliNjZlMjRmODllNDRjNjdlNWFiYjNlNzU2MA==

Request Chain 118

https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=22a9775553&subid=&uid=cdc1099377f4395e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUUZ9YZHMYIG-DJGK3wO_kb-YDbXN-YNX_Ni5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9C3BN5dVlYaZdMe1ygYDdMDwAj_-JSZErwCeiSUkcKa6CMFVBR7hOzET31tq-Ch4oZpQ718l5MXMMF6Cf58twMgcjdH7CbxL5g-HoU3NchaQMHAfGCVtbwNlJyNUpz_MNlC8OHFnuT7-l7ZM-ZVr9YoZ0NKxW-5mEwfH_hUKhfZmDzRHXptAouDbJfl4JYrzH7rtLB0df0r1R3SMEnGOAQhAmAMFOP8aV_rcMuczynIpLy1dmADvcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRomFgIMG-H3UTQX0QI11KJdw%26sig%3DAOD64_3pqNWbRZUbht7VsS3mAAYzK7SYOQ%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-CLtm6CCjaiwOOd1iaaueWOGiBof0hnjPNns_UXJcnSA4YBmvOkvtE09mioyeWt99LbxXyd4Z6WOA70qd9GRKUjYIM2bDhXXPNTdpEKUJvc11IQdqSYVO3uW0uh4hzdbS4yidMidp666T6-4eGuwmtK9GnXMQ%26cry%3D1%26dbm_d%3DAKAmf-A_Cz1UVpLNAXI7BPmueUe7dKwr8ReoItpo4JpIaM3qkBsnHklznKoj_6zBephlHsinNsACN3WudavYovPFyimr-qY7VNKM7YUQo9H_FI-bH1-v81BByxFiaxne6aZmewc01NnWs9BVrKILos-k3VrXWuQECbCuXYk8E3-_YpwUOjkRRFDDH1aiBoD8B7mX20lLGWJFNz0Jp-77o_W_WL5_X0qOxKZyGrnUIg0iMUhZj9Ui4dqj-u5PojheK1ZrRD8PDfcf-wIkQufnT7fB6tMlGoWztTmNu9GNGEbRXhnVKN8Rcr9zIqrakDNu2mVrNbvqy-v8slN9r5SIkEXcWj63p4fnyw-t91HRvOey0vzh-SsgVLV-89B7vtfa-HUmPyUkMqDLave0JosMrYd71i4Xilqc6mzV985QLefkot9mywy8VgrN5N-gq1HsFZZCxcdOZVRZ%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=3218406324541&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=22a9775553&subid=&uid=cdc1099377f4395e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUUZ9YZHMYIG-DJGK3wO_kb-YDbXN-YNX_Ni5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9C3BN5dVlYaZdMe1ygYDdMDwAj_-JSZErwCeiSUkcKa6CMFVBR7hOzET31tq-Ch4oZpQ718l5MXMMF6Cf58twMgcjdH7CbxL5g-HoU3NchaQMHAfGCVtbwNlJyNUpz_MNlC8OHFnuT7-l7ZM-ZVr9YoZ0NKxW-5mEwfH_hUKhfZmDzRHXptAouDbJfl4JYrzH7rtLB0df0r1R3SMEnGOAQhAmAMFOP8aV_rcMuczynIpLy1dmADvcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRomFgIMG-H3UTQX0QI11KJdw%26sig%3DAOD64_3pqNWbRZUbht7VsS3mAAYzK7SYOQ%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-CLtm6CCjaiwOOd1iaaueWOGiBof0hnjPNns_UXJcnSA4YBmvOkvtE09mioyeWt99LbxXyd4Z6WOA70qd9GRKUjYIM2bDhXXPNTdpEKUJvc11IQdqSYVO3uW0uh4hzdbS4yidMidp666T6-4eGuwmtK9GnXMQ%26cry%3D1%26dbm_d%3DAKAmf-A_Cz1UVpLNAXI7BPmueUe7dKwr8ReoItpo4JpIaM3qkBsnHklznKoj_6zBephlHsinNsACN3WudavYovPFyimr-qY7VNKM7YUQo9H_FI-bH1-v81BByxFiaxne6aZmewc01NnWs9BVrKILos-k3VrXWuQECbCuXYk8E3-_YpwUOjkRRFDDH1aiBoD8B7mX20lLGWJFNz0Jp-77o_W_WL5_X0qOxKZyGrnUIg0iMUhZj9Ui4dqj-u5PojheK1ZrRD8PDfcf-wIkQufnT7fB6tMlGoWztTmNu9GNGEbRXhnVKN8Rcr9zIqrakDNu2mVrNbvqy-v8slN9r5SIkEXcWj63p4fnyw-t91HRvOey0vzh-SsgVLV-89B7vtfa-HUmPyUkMqDLave0JosMrYd71i4Xilqc6mzV985QLefkot9mywy8VgrN5N-gq1HsFZZCxcdOZVRZ%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=3218406324541&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 119

https://hal900011.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=0f2c43d5b3&subid=&uid=b1013ebd0f8e8844&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC99LXYZHMYIC-DJGK3wO_kb-YDbXN-YNXnNC5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9A17zZkCEyJp83c_GG0vzd5f9rXCREq1tiSpMKBd9e1iIxakPCtiC0MRCiix7vEPpySHuCDIn8yWJgPKA4eVOW2VscuapziSz8oM9PZkVurHcpZuX298UGNwM6pqm0d3zid5lxg4qfA2bn4vbdU4HkeNZ3CdV4jFqYyuthN6UK7J3lfwEBGk2CxwJFalZAPTuVRG18vGlUBtHhOZCsv_dLgXQv2_WbmFlM2_7t7ofrU8ROEeh4y18AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyyc-4Ngm_rAeGqFoGpS-1g%26sig%3DAOD64_3wbAOYuJkB-TJRJZs-23mRmeALVA%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-ALmnrjg3EChcu3rYOqa21AJ8JJaajajeTscFrfVOWEgTuUabfQ3t9ZvWgKBXpmwHy3bB-Vv094RjQ_9f5Lp0gp35uQa0pFMZVhdJmN4QeQQXMk0E95GqYTAzf8yqZtyGd9oAVlt3BWTagi1jIHScO1X7pSaQ%26cry%3D1%26dbm_d%3DAKAmf-Do_rduOZjcXl4o2-On5oaK9HxvihXdGkVQV3FvrXLunnGGNaND84ED8Nzx-dOfM-Vf9KNWN6zREHD5_JjYt3rpmMQk5L5rfFYaKC9kmW-1NLI_vmE2QjHFOkos--THEhfn18vpeGsYObCVZUMJ6cyFazEGHKkcM5FMZ5910f2LglU1o5YQUA07ecmimd3WD4Hj9rHyEK2tsjFJqdqKPjfFZr99dyncHmjfYh9cE-8ode4B3KkYIPXnFMqm7YRYkkcvON-0EqYYPsp_yO5EAAAIzaABrAaHn7GUrILDx0xxTA25aP4EdavHyeudzTzdfOIvjmvw0k1byqG-8rSz2HeR_jddg-0t2AaY5Qg_6MToGg5DHcM98FEzcOC8VD0eUkEScOxawiimweRXfPWyo2_LgCGxZmzqdjwlVK_S_Vl72Rvir2f8R9AXxNXl013AA2PXoDyj%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=7801781657858&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900011.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=0f2c43d5b3&subid=&uid=b1013ebd0f8e8844&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC99LXYZHMYIC-DJGK3wO_kb-YDbXN-YNXnNC5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9A17zZkCEyJp83c_GG0vzd5f9rXCREq1tiSpMKBd9e1iIxakPCtiC0MRCiix7vEPpySHuCDIn8yWJgPKA4eVOW2VscuapziSz8oM9PZkVurHcpZuX298UGNwM6pqm0d3zid5lxg4qfA2bn4vbdU4HkeNZ3CdV4jFqYyuthN6UK7J3lfwEBGk2CxwJFalZAPTuVRG18vGlUBtHhOZCsv_dLgXQv2_WbmFlM2_7t7ofrU8ROEeh4y18AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyyc-4Ngm_rAeGqFoGpS-1g%26sig%3DAOD64_3wbAOYuJkB-TJRJZs-23mRmeALVA%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-ALmnrjg3EChcu3rYOqa21AJ8JJaajajeTscFrfVOWEgTuUabfQ3t9ZvWgKBXpmwHy3bB-Vv094RjQ_9f5Lp0gp35uQa0pFMZVhdJmN4QeQQXMk0E95GqYTAzf8yqZtyGd9oAVlt3BWTagi1jIHScO1X7pSaQ%26cry%3D1%26dbm_d%3DAKAmf-Do_rduOZjcXl4o2-On5oaK9HxvihXdGkVQV3FvrXLunnGGNaND84ED8Nzx-dOfM-Vf9KNWN6zREHD5_JjYt3rpmMQk5L5rfFYaKC9kmW-1NLI_vmE2QjHFOkos--THEhfn18vpeGsYObCVZUMJ6cyFazEGHKkcM5FMZ5910f2LglU1o5YQUA07ecmimd3WD4Hj9rHyEK2tsjFJqdqKPjfFZr99dyncHmjfYh9cE-8ode4B3KkYIPXnFMqm7YRYkkcvON-0EqYYPsp_yO5EAAAIzaABrAaHn7GUrILDx0xxTA25aP4EdavHyeudzTzdfOIvjmvw0k1byqG-8rSz2HeR_jddg-0t2AaY5Qg_6MToGg5DHcM98FEzcOC8VD0eUkEScOxawiimweRXfPWyo2_LgCGxZmzqdjwlVK_S_Vl72Rvir2f8R9AXxNXl013AA2PXoDyj%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=7801781657858&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 125

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKSyj6uXofECFSMdBgAdtT8Cbg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224

Request Chain 130

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=COC7pauXofECFWQeBgAdu_YN8w;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501

Request Chain 146

https://a.tribalfusion.com/i.match?p=b6&u=CAESEObjtKgrMRHumPcT9LqnV5Y&google_cver=1&google_push=AYg5qPJFrZa4Sl2bE3HCxBLrD9V2kyItjKvKEDuFSOljFGLCkf_-JlT7BviC_39U4Smvf-7RyK5isoA2Fv81YFNsvXL9dErxuBux&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJFrZa4Sl2bE3HCxBLrD9V2kyItjKvKEDuFSOljFGLCkf_-JlT7BviC_39U4Smvf-7RyK5isoA2Fv81YFNsvXL9dErxuBux%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEObjtKgrMRHumPcT9LqnV5Y&google_cver=1&google_push=AYg5qPJFrZa4Sl2bE3HCxBLrD9V2kyItjKvKEDuFSOljFGLCkf_-JlT7BviC_39U4Smvf-7RyK5isoA2Fv81YFNsvXL9dErxuBux&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJFrZa4Sl2bE3HCxBLrD9V2kyItjKvKEDuFSOljFGLCkf_-JlT7BviC_39U4Smvf-7RyK5isoA2Fv81YFNsvXL9dErxuBux%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 148

https://rtb.openx.net/sync/dds?google_gid=CAESELynAFuidVI6jNlfY-LJlu4&google_cver=1&google_push=AYg5qPKF2E1Ro9SSpSaJa4AXXhnYH9vC4iYzWBZ3ydifjaN0H9-fpsONNsGI4UWgJEwBBZlj3oKYg0dWj4ekcoNJ3nGNAx3RNk0O HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKF2E1Ro9SSpSaJa4AXXhnYH9vC4iYzWBZ3ydifjaN0H9-fpsONNsGI4UWgJEwBBZlj3oKYg0dWj4ekcoNJ3nGNAx3RNk0O&google_hm=kLDGfaNow8YSE83z1Bp8zg==

Request Chain 149

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGCHIGhDuPL4E7vP0Edu_WA&google_cver=1&google_push=AYg5qPJiC12Lc2tYymEWANxv-OYZRlgxMPKNd2_UKzgliGL5qD55eQEhlJVJKhs4IIllbivT6_DwuLuunVa1J0AZL9FzcRssbcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJiC12Lc2tYymEWANxv-OYZRlgxMPKNd2_UKzgliGL5qD55eQEhlJVJKhs4IIllbivT6_DwuLuunVa1J0AZL9FzcRssbcQ

Request Chain 150

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFU9qBHe4MZ94jFgbrKqg-4&google_cver=1&google_push=AYg5qPJXf1mLo3P4_gOlrOFc_egEiH_kSYmZe8Qfj0vi3MdxhTkNj9Jk0yKUZacZ-QdHW4pMetloTg6EsY-fLeBJVSPisi-BCH32Fw HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFU9qBHe4MZ94jFgbrKqg-4&google_cver=1&google_push=AYg5qPJXf1mLo3P4_gOlrOFc_egEiH_kSYmZe8Qfj0vi3MdxhTkNj9Jk0yKUZacZ-QdHW4pMetloTg6EsY-fLeBJVSPisi-BCH32Fw&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFU9qBHe4MZ94jFgbrKqg-4&google_cver=1&google_push=AYg5qPJXf1mLo3P4_gOlrOFc_egEiH_kSYmZe8Qfj0vi3MdxhTkNj9Jk0yKUZacZ-QdHW4pMetloTg6EsY-fLeBJVSPisi-BCH32Fw&apid=UPa9a51d0c-d030-11eb-b006-02197f6b4d30 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhOWE1MWQwYy1kMDMwLTExZWItYjAwNi0wMjE5N2Y2YjRkMzA%3D&google_push=AYg5qPJXf1mLo3P4_gOlrOFc_egEiH_kSYmZe8Qfj0vi3MdxhTkNj9Jk0yKUZacZ-QdHW4pMetloTg6EsY-fLeBJVSPisi-BCH32Fw

Request Chain 154

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIC__cNDoq0Ot07RjOqo460&google_cver=1&google_push=AYg5qPLqbFwZGMzxVKtP-RPnKFbSrGFLiK0K5N34xvUPKzSNv-CE9rY-g7J1cRCcTpum1lg8faxSqkounuZUbMpsFs6psYvveXoV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLqbFwZGMzxVKtP-RPnKFbSrGFLiK0K5N34xvUPKzSNv-CE9rY-g7J1cRCcTpum1lg8faxSqkounuZUbMpsFs6psYvveXoV&google_hm=gaW71CQqR1q1FUpjxhbXV4s

Request Chain 155

https://ads.travelaudience.com/google_pixel?google_gid=CAESECOqI0iaaDsMwGxTEfPLmGA&google_cver=1&google_push=AYg5qPLyyiyDhB3S44Xkhg4Iy_qlXddT8TqJqVd3NEcMNPODDY2p2Yz-xJypVQ0jzQLtzclB7vJlUaZCQKTOOkf03IgWoN4WviK7 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=48JPtgiORRy_Yu59D8Z93A2&google_push=AYg5qPLyyiyDhB3S44Xkhg4Iy_qlXddT8TqJqVd3NEcMNPODDY2p2Yz-xJypVQ0jzQLtzclB7vJlUaZCQKTOOkf03IgWoN4WviK7

Request Chain 156

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJT4qCZ7CnKxXHKZN660EXo&google_cver=1&google_push=AYg5qPI4Lv1v8zi48RtycIQS4e3UKvEVef42mvMdcTHkfjWyYhSQwHUC68F0T8m7S9i17sFWWUmwKQ662ZhA1isREcdwD4nEBCvq HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJT4qCZ7CnKxXHKZN660EXo&google_cver=1&google_push=AYg5qPI4Lv1v8zi48RtycIQS4e3UKvEVef42mvMdcTHkfjWyYhSQwHUC68F0T8m7S9i17sFWWUmwKQ662ZhA1isREcdwD4nEBCvq&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SP0J9xVlSBiX4EL5ZzOmgA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI4Lv1v8zi48RtycIQS4e3UKvEVef42mvMdcTHkfjWyYhSQwHUC68F0T8m7S9i17sFWWUmwKQ662ZhA1isREcdwD4nEBCvq

Request Chain 157

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELIc5I2o6mxdygrvInAGpc0&google_cver=1&google_push=AYg5qPJ3lCcah-bKoRvs4vEW-RZCYCRrqdSJ0OmM9ZgbL1GjLtvhkSmwh4WH5rIcDnmJ7c_kzc_7oh-_FCT2LZe1hX67-5GZp--P HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1EyQjVRVEQtSS1JWUNV&google_push=AYg5qPJ3lCcah-bKoRvs4vEW-RZCYCRrqdSJ0OmM9ZgbL1GjLtvhkSmwh4WH5rIcDnmJ7c_kzc_7oh-_FCT2LZe1hX67-5GZp--P

Request Chain 158

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGKWmUWuQ1t07IjdzVMXuxM&google_cver=1&google_push=AYg5qPJTQF6jBAV0F4ldLKUO93Nqs-WvZk3Gg1CJ9OpQAhjyCsS_u3qfAn-07lyRGukaTh9s8iT9sABlTwiPC-aCwp43MNliTZ1_ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGKWmUWuQ1t07IjdzVMXuxM&google_cver=1&google_push=AYg5qPJTQF6jBAV0F4ldLKUO93Nqs-WvZk3Gg1CJ9OpQAhjyCsS_u3qfAn-07lyRGukaTh9s8iT9sABlTwiPC-aCwp43MNliTZ1_&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJTQF6jBAV0F4ldLKUO93Nqs-WvZk3Gg1CJ9OpQAhjyCsS_u3qfAn-07lyRGukaTh9s8iT9sABlTwiPC-aCwp43MNliTZ1_&google_hm=d2e3e4ee2a86de1189ba1ddb

Request Chain 159

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDHEEqVWF5woCURP8CxDVM0&google_cver=1&google_push=AYg5qPJ66FGQvGNyjM7vdxPJHD1cEG_WdINyTrzN9x4IVyRF980RncwAuT4CjfUZkL3Hjg1LnIu7R5LwO8VoGhfWUYRtIa7WbYpu HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7a1093fe-59af-47f9-b077-4482de7e6c77-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJ66FGQvGNyjM7vdxPJHD1cEG_WdINyTrzN9x4IVyRF980RncwAuT4CjfUZkL3Hjg1LnIu7R5LwO8VoGhfWUYRtIa7WbYpu%26google_hm%3DA3oQk_5Zr0f5sHdEgt5-bHc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ66FGQvGNyjM7vdxPJHD1cEG_WdINyTrzN9x4IVyRF980RncwAuT4CjfUZkL3Hjg1LnIu7R5LwO8VoGhfWUYRtIa7WbYpu&google_hm=A3oQk_5Zr0f5sHdEgt5-bHc

Request Chain 160

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEN7Mv9ra2iqbzOPVEq71xKo&google_cver=1&google_push=AYg5qPJ_FPDz3_sg9lN9Cn9XKXPlxFX5NFoAxPHJhUIc-rVABfQGct5MzML7QD0YD9ubeO7W4ND5yUlPVbpkBhAgTs4BVeSM_-nmbg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEN7Mv9ra2iqbzOPVEq71xKo&google_cver=1&google_push=AYg5qPJ_FPDz3_sg9lN9Cn9XKXPlxFX5NFoAxPHJhUIc-rVABfQGct5MzML7QD0YD9ubeO7W4ND5yUlPVbpkBhAgTs4BVeSM_-nmbg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03bnJKYWxwRTJ1SE1XV182UGdZekp4eXJia2R1Q2Vma35B&google_push=AYg5qPJ_FPDz3_sg9lN9Cn9XKXPlxFX5NFoAxPHJhUIc-rVABfQGct5MzML7QD0YD9ubeO7W4ND5yUlPVbpkBhAgTs4BVeSM_-nmbg

192 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request bridgecase3 Show response
blip.fm/ 25 KB
7 KB 413ms
128ms Document
text/html 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 / PHP/7.0.19
Resource Hash: aa9d6f4897fb855de3fab48cdb325cbf5c8db30a043203313243db639d183aaf

Request headers

Host: blip.fm
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:53 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
X-Powered-By: PHP/7.0.19
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK base.css
blip.fm/_/css/ 79 KB
17 KB 125ms
98ms Stylesheet
text/css 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/css/base.css
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: e06a1c6ca9fbdcbab4b4282bbf1e2255ef607b00b457086855a0b2bc33faf7a6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://blip.fm/bridgecase3
Connection: keep-alive
Referer: https://blip.fm/bridgecase3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 12:44:01 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "13d81-5abf87e320640-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 17044

GET
H/1.1 200
OK newdesign.css
blip.fm/_/css/ 25 KB
5 KB 287ms
94ms Stylesheet
text/css 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/css/newdesign.css
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 319513d84c6b2e0aea8ec6401142ad600dce83d99a4d45cea9a884875f403265

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://blip.fm/bridgecase3
Connection: keep-alive
Referer: https://blip.fm/bridgecase3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Dec 2020 06:30:15 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "65be-5b68f02140bc0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4921

GET
H/1.1 200
OK profile.26.css.cgz
d1uswytv6491xe.cloudfront.net/css/ 3 KB
2 KB 62ms
17ms Stylesheet
text/css 13.32.11.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1uswytv6491xe.cloudfront.net/css/profile.26.css.cgz
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-130.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae6e79fcd093e4a8968d1ebc25b12f74f12503794384e0de7598761261c01f70

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 02:48:49 GMT
Content-Encoding: gzip
Age: 10834767
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 974
Last-Modified: Thu, 04 Apr 2019 15:07:15 GMT
Server: AmazonS3
ETag: "cafbaa2c66e5af33d2a50ac7c913fc60"
Content-Type: text/css
Via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: QzMD6SgYWOzFXfGmWABF6oCWrEeGvydlTZ2tgVKhCpyqZW5nIZtc8Q==
Expires: Thu, 04 Apr 2024 15:07:14 GMT

GET
H/1.1 200
OK spotify.css
blip.fm/_/css/ 2 KB
1 KB 287ms
94ms Stylesheet
text/css 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/css/spotify.css
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: d770749019637859894001e3ce01057cc47b89c89f5afe98f1c6d0aaf9a4648d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://blip.fm/bridgecase3
Connection: keep-alive
Referer: https://blip.fm/bridgecase3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Aug 2019 17:42:43 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "776-5907bddf8cac0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 665

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: blip.fm
URL: https://blip.fm/bridgecase3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:06:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:06:59 GMT

GET
H/1.1 200
OK spotify-player.js Show response
sdk.scdn.co/ 21 KB
6 KB 30ms
6ms Script
application/javascript 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.scdn.co/spotify-player.js
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dec6a0b276c15b010acbbc7c201810712d7b9f7217308225174dfdeda5d4f6e0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Apr 2021 09:44:32 GMT
Age: 2486367
ETag: "23130e8b4395801117e1675730d026b2"
X-Served-By: cache-ord1721-ORD, cache-hhn11564-HHN
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6204
X-Cache-Hits: 1, 2019

GET
H/1.1 200
OK jquery.cookie.js Show response
blip.fm/_/js/ 3 KB
3 KB 287ms
95ms Script
application/javascript 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/js/jquery.cookie.js
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blip.fm/bridgecase3
Connection: keep-alive
Referer: https://blip.fm/bridgecase3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Last-Modified: Mon, 06 Jan 2020 14:00:06 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "c31-59b79139da580"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3121

GET
H2 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/2.0.0-alpha.1/ 47 KB
13 KB 39ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/2.0.0-alpha.1/handlebars.min.js

Requested by

Host: blip.fm
URL: https://blip.fm/bridgecase3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82e2d5fd2ae7a2dfb049133d30a1c14aa65ddacffd138a73921f2994766c3324

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3077274
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12647
cf-request-id: 0ac0b0f471000005fd6b8e1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-ba0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SBVd13Qe%2BQP2%2Bl6ySOJOt9oXsUQjGNNhCEgUOl8geXcx6CA0WH5VQ%2FJxy4HJpsiqd6s%2FVw8qUlGSDl3yCczXdb3yiQ7hUFFrUShtKlpLN%2FvYmM1Xo2W7j6FfT%2F39vD7l%2FStfZovgoTk4bolw0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66148433dfbf05fd-FRA
expires: Wed, 08 Jun 2022 12:28:15 GMT

GET
H/1.1 200
OK napster.min.js Show response
blip.fm/_/js/ 14 KB
15 KB 287ms
95ms Script
application/javascript 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/js/napster.min.js
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: ff7bf0e46bc638dc36c28fd98b218a1983bc2badd30cbed318de10c270f66ec1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blip.fm/bridgecase3
Connection: keep-alive
Referer: https://blip.fm/bridgecase3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Last-Modified: Mon, 06 Jan 2020 14:00:07 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "38da-59b7913ace7c0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14554

GET
H/1.1 200
OK spotify-api.js Show response
blip.fm/_/js/ 6 KB
6 KB 295ms
97ms Script
application/javascript 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/js/spotify-api.js
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 396e92552e8ff284f6e204090bc222578d5a1a6ec0f92ccf31ed5978606784b4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blip.fm/bridgecase3
Connection: keep-alive
Referer: https://blip.fm/bridgecase3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Last-Modified: Thu, 09 Jan 2020 09:26:07 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "17f8-59bb1994c89c0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6136

GET
H/1.1 200
OK napster-api.js Show response
blip.fm/_/js/ 3 KB
3 KB 307ms
94ms Script
application/javascript 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/js/napster-api.js
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 5345a3bf0a85143d337b572e4cea04e8705eb606e47611d54a7c1e1f6242308a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blip.fm/bridgecase3
Connection: keep-alive
Referer: https://blip.fm/bridgecase3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Last-Modified: Thu, 09 Jan 2020 09:23:24 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "c8f-59bb18f955b00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3215

GET
H/1.1 200
OK header.js Show response
empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/ 8 KB
9 KB 458ms
124ms Script
application/javascript 52.219.96.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.96.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e4a54349dc54879fad8d1567c0dbaad10d67553f8d1c190f3939e46b434c6e9a

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:16 GMT
Last-Modified: Wed, 10 Mar 2021 19:39:58 GMT
Server: AmazonS3
x-amz-request-id: GSS29GKF6HNBD1QK
ETag: "808b8d2713ae2c3bc82ca1d76dccbc08"
Content-Type: application/javascript
x-amz-version-id: F4VRdt3dlpkr8Avwt6TpU_eFaQI6ua_s
Accept-Ranges: bytes
Content-Length: 8674
x-amz-id-2: 8J9ArFmuOQoS/IfEy3Wb0J9aC0A5qk6kEgeWb9L8SMDUCkdIMDJ2fORfHlRKfBxdkxgjyorN7FA=

GET
H/1.1 200
OK logo.png
blip.fm/images/ 9 KB
9 KB 95ms
93ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/logo.png
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 1feda3dc45dfdcb46ec8f8abdafc23f06d4e2d954a864ec9e9e61b857dc8d1e8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/bridgecase3
Connection: keep-alive
Referer: https://blip.fm/bridgecase3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Last-Modified: Wed, 01 Jul 2020 13:08:01 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "22a3-5a960fb434e40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 8867

GET
H/1.1 200
OK spinner.gif
d1uswytv6491xe.cloudfront.net/images/blip/ 847 B
1 KB 19ms
17ms Image
image/gif 13.32.11.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1uswytv6491xe.cloudfront.net/images/blip/spinner.gif
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-130.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88c003ca3b8264aa64112d6c7ebe5a82011b6041c24460dbea7a31d3bfafee34

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 17 Mar 2021 03:54:45 GMT
Via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 04 Apr 2019 15:03:35 GMT
Server: AmazonS3
Age: 8066011
ETag: "4b2f4d6259e452b9a0d2efbe25065b58"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
Content-Length: 847
X-Amz-Cf-Id: RIod5npn83trYrPpqJyIMMUFvUFyh9pcpBYI2djxLB9nCudn7_tavw==
Expires: Thu, 04 Apr 2024 15:03:33 GMT

GET
H/1.1 200
OK juicy-signup-small.png
d1uswytv6491xe.cloudfront.net/images/buttons/ 4 KB
4 KB 37ms
17ms Image
image/png 13.32.11.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1uswytv6491xe.cloudfront.net/images/buttons/juicy-signup-small.png
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-130.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17c3bd5b578cb7f4fccd1ad422794185e0c96b0c68a60756f4b1a72b674972c8

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 02:48:50 GMT
Via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 04 Apr 2019 15:05:23 GMT
Server: AmazonS3
Age: 10834766
ETag: "a7a5b0521447b176ca08db741abbb305"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
Content-Length: 3659
X-Amz-Cf-Id: 6pfAfAKnUpxRj6L2SUhScQBLleUv_79GKBdQStFt1b9JxbdKVdmhLQ==
Expires: Thu, 04 Apr 2024 15:05:21 GMT

GET
H/1.1 200
OK nousericon-l.gif
d1uswytv6491xe.cloudfront.net/images/ 6 KB
7 KB 54ms
17ms Image
image/gif 13.32.11.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1uswytv6491xe.cloudfront.net/images/nousericon-l.gif
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-130.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35e9144015046c3d25f20ddbd1f3036306891c441a18343c1d1e2da6ff3c2bd1

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 01:30:07 GMT
Via: 1.1 ed5d8b8e3a8c20eaabbb29c087f04c66.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 04 Apr 2019 15:03:48 GMT
Server: AmazonS3
Age: 12135489
ETag: "93ccd993bbfefbfa9709be27d9a0588b"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
Content-Length: 6443
X-Amz-Cf-Id: s_469-WU_1yX0ZSgUPAETCAjtzCc6p4XkFOv1bclyt6Gy2XC-yhRkg==
Expires: Thu, 04 Apr 2024 15:03:47 GMT

GET
H/1.1 200
OK vc.png
d1uswytv6491xe.cloudfront.net/images/flags/ 465 B
1006 B 513ms
477ms Image
image/png 13.32.11.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1uswytv6491xe.cloudfront.net/images/flags/vc.png
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-130.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 406c57a14a5d49eef620685e6c14ba326cb9cedd532180d13994d9108c6fc15a

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:17 GMT
Via: 1.1 c855d201fddbb6ef22989607fe8f5d1f.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Aug 2010 17:46:16 GMT
Server: AmazonS3
X-Amz-Cf-Pop: VIE50-C2
ETag: "8538fb0e03262a7bfe29b9afd8ecdc39"
X-Cache: Miss from cloudfront
Content-Type: image/png; charset=binary
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 465
X-Amz-Cf-Id: TpS5p8S44ls9bU83DAbMWexVFt2x2QW2wgQFJpwQvJBDHPmQokQk9w==
Expires: Tue, 25 Aug 2015 17:46:15 GMT

GET
H2 200 1*ptQRDWDlEblcDL734-y4Qw.png
miro.medium.com/max/1200/ 35 KB
36 KB 48ms
30ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1200/1*ptQRDWDlEblcDL734-y4Qw.png

Requested by

Host: blip.fm
URL: https://blip.fm/bridgecase3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10985b0138ee107431b8118e0d8b2efa14439caf69807bf0bde75c96c578f018

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72
x-envoy-upstream-service-time: 750
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35996
cf-request-id: 0ac0b0f64000004e927ebf7000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210524-162717-f383c62fea
accept-ranges: bytes
cf-ray: 66148436c84c4e92-FRA
expires: Sun, 18 Jul 2021 12:28:15 GMT

GET
H/1.1 200
OK placeholder.svg
blip.fm/_/images/ 4 KB
5 KB 97ms
96ms Image
image/svg+xml 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/_/images/placeholder.svg
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: c0e57c534e7fce5e66fb419c269b97d436385a2c69b9f508edf480ef60dedf91

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/bridgecase3
Connection: keep-alive
Referer: https://blip.fm/bridgecase3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Last-Modified: Wed, 15 Jul 2020 08:57:06 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "1194-5aa771bb17c80"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4500

GET
H/1.1 200
OK napster.jpg
blip.fm/_/images/napster/ 52 KB
52 KB 93ms
93ms Image
image/jpeg 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/_/images/napster/napster.jpg
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: e6d76a2dedcc68e2317925b345474a47ee6294694ded93655ee3d69559a4a583

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/bridgecase3
Connection: keep-alive
Referer: https://blip.fm/bridgecase3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:47 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "ce4a-5ac0643925cc0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 52810

GET
H/1.1 200
OK ads.js Show response
empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/ 3 KB
4 KB 196ms
112ms Script
application/javascript 52.219.96.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/ads.js
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.96.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: b3d07bd62da73385f67aa7d09c598bade0243347339334c81763124a803dbaf7

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:16 GMT
Last-Modified: Fri, 26 Feb 2021 17:17:08 GMT
Server: AmazonS3
x-amz-request-id: GSSB3C07R4NH076Z
ETag: "22262cedaaaa5ff76bd686a64713f048"
Content-Type: application/javascript
x-amz-version-id: .L7dXL0GVzyECTjS7anJk4iGuUC1kqkM
Accept-Ranges: bytes
Content-Length: 3328
x-amz-id-2: mG92YG+d62N1v7vOtcAgtJU9OrI8cIBtTJyBuBwBZQTg/cG2PK5CfPTo1hlcw3rRRb+XFY38vcw=

GET
H/1.1 200
OK base.js Show response
blip.fm/_/js/ 505 KB
506 KB 94ms
94ms Script
application/javascript 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/js/base.js
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 4b6a2b0fd27801f153917af3d6558094fd0e76f7e08e21e78b45b0343362d3d6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blip.fm/bridgecase3
Connection: keep-alive
Referer: https://blip.fm/bridgecase3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Last-Modified: Tue, 09 Mar 2021 21:40:56 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "7e5cc-5bd2167c3aa00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 517580

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 28ms
8ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:15 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 25 Jun 2021 12:28:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 34ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap

Requested by

Host: blip.fm
URL: https://blip.fm/_/css/newdesign.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e26892b2736c82171e10cf7325fdc8627423517c96f0e12877de14ed63e8b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 12:12:37 GMT
server: ESF
date: Fri, 18 Jun 2021 12:28:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 12:28:15 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: blip.fm
URL: https://blip.fm/bridgecase3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3666
date: Fri, 18 Jun 2021 11:27:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 18 Jun 2021 13:27:09 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 59ms
20ms Script
application/javascript 13.32.5.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.5.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-5-125.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sWCsRsvwWkSFZMQxDYXuCmbidBHsB_Lq
content-encoding: gzip
server: Server
age: 278
etag: c457e964d47ff007ca9e04843536c474
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Fri, 18 Jun 2021 12:23:36 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1AVLzLoyajAwk8e9JxXKX_gUCP94-RL8Md2TJK0xcwp7LGM6xXYuhA==

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
20 KB 25ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blip.fm
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:37:01 GMT
x-content-type-options: nosniff
age: 543074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:37:01 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=108638324&utmhn=blip.fm&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Free%20Music%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1449388-5&cid=1400390237.1624019296&jid=175199453&_v=5.7.2&z=108638324

35 B
451 B

45ms
16ms

Image
image/gif

2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1449388-5&cid=1400390237.1624019296&jid=175199453&_v=5.7.2&z=108638324

Requested by

Host: blip.fm
URL: https://blip.fm/bridgecase3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Jun 2021 12:28:15 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:15 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1449388-5&cid=1400390237.1624019296&jid=175199453&_v=5.7.2&z=108638324
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 53ms
17ms XHR
application/javascript 13.32.5.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.5.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-5-125.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:09:26 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 29930
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via: 1.1 f6044dcb6db923e394519c2643455d42.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: VIE50-C2
content-type: application/javascript
x-amz-cf-id: owEBlAUBOcN3Gz-d4EkVpWYx5g5Hv_wj9uFGnuvuQk3YP3_0VHzVcw==

GET
H/1.1 200
OK trackpopbg.png
blip.fm/images/ 400 B
732 B 97ms
96ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/trackpopbg.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 51849fb8f2b161981d2a508c4e58503a0a752c6bbac592a742d92efdb1c378c6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.1400390237.1624019296.1624019296.1624019296.1; __utmc=171230451; __utmz=171230451.1624019296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1624019296
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:54 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:35 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "190-5ac0642db41c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 400

GET
H3-29 200 iframe_api Show response
www.youtube.com/ 980 B
515 B 25ms
25ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: blip.fm
URL: https://blip.fm/_/js/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d8fb34a348de04796d4c3345c6dd241140103619b8d2a5d915b6ec0574c7175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:28:16 GMT

GET
H/1.1 200
OK loadPage Show response
blip.fm/ajax/ 18 B
414 B 134ms
134ms XHR
application/json 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/ajax/loadPage?page=1&bliperId=2594892
Requested by: Host: blip.fm
URL: https://blip.fm/_/js/base.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 / PHP/7.0.19
Resource Hash: 67f2b0a60f37796c436ea0d9f947a22cb196312a87705d10069b65acc2993f01

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: __utma=171230451.1400390237.1624019296.1624019296.1624019296.1; __utmc=171230451; __utmz=171230451.1624019296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1624019296
Connection: keep-alive
X-Fuzz-Ajax: true
Referer: https://blip.fm/bridgecase3
Referer: https://blip.fm/bridgecase3
X-Requested-With: XMLHttpRequest
X-Fuzz-Ajax: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:27:55 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
X-Powered-By: PHP/7.0.19
Content-Type: application/json
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 18
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rules-p-b0cBKofGeCYKg.js Show response
rules.quantcount.com/ 3 B
438 B 48ms
17ms Script
application/javascript 2600:9000:2104:ba00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-b0cBKofGeCYKg.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 07:03:00 GMT
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
age: 19517
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:48:31 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: PRMm_r6GB0YayUXf3gN9Wjw-1dPuxHFbRPnCsCsHeKviMWRojdXNNg==

GET
H2 200 rules-p-c4o3JsfzdTxY6.js Show response
rules.quantcount.com/ 3 B
436 B 45ms
14ms Script
application/javascript 2600:9000:2104:ba00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-c4o3JsfzdTxY6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 03:09:14 GMT
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
age: 33543
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:53:31 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: Uh6C-1D7q_8c0FV32Zimbit5B6bk-h_FQOxop7jAVO_-KsCE1BkzdA==

GET
H/1.1 200
OK noticebg-black.png
blip.fm/images/ 2 KB
3 KB 97ms
97ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/noticebg-black.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 3983c27985f9ae67aed69d7ca6a82a682a7095df30b8d8253014de0f4ee97427

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.1400390237.1624019296.1624019296.1624019296.1; __utmc=171230451; __utmz=171230451.1624019296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1624019296
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:55 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:53 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "9d5-5ac0643edea40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2517

GET
H/1.1 200
OK dockbg.png
blip.fm/images/ 607 B
939 B 100ms
100ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/dockbg.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: c04e372715cffbc60a3f59d89c6ba50bb9f8adbc36c2e75cbd155f4ae1a911e8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.1400390237.1624019296.1624019296.1624019296.1; __utmc=171230451; __utmz=171230451.1624019296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1624019296
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:55 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:37 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "25f-5ac0642f9c640"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 607

GET
H/1.1 200
OK alert.png
blip.fm/images/icons/ 3 KB
4 KB 94ms
94ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/icons/alert.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 4db8af548255ad1270380918e096b18fddd5b984f95fd4862f18575f8267162f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.1400390237.1624019296.1624019296.1624019296.1; __utmc=171230451; __utmz=171230451.1624019296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1624019296
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:55 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:49 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "d77-5ac0643b0e140"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3447

GET
H/1.1 200
OK sprite-uber.png
blip.fm/images/blip/ 64 KB
65 KB 109ms
108ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/blip/sprite-uber.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 9585f9660d61236506d8fe0d442168949a866c238ee7fe8c5f32b0aec2b29d71

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.1400390237.1624019296.1624019296.1624019296.1; __utmc=171230451; __utmz=171230451.1624019296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1624019296
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:55 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:43 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "1015e-5ac06435553c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 65886

GET
H/1.1 200
OK dialogbg.png
blip.fm/images/ 6 KB
6 KB 108ms
107ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/dialogbg.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 8389ab2ff25b494852f8aa7c6972c69140ffb4f74ad5fb5f030d6ed3a1160359

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.1400390237.1624019296.1624019296.1624019296.1; __utmc=171230451; __utmz=171230451.1624019296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1624019296
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:27:55 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:44 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "17ce-5ac0643649600"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6094

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/da9443d1/www-widgetapi.vflset/ 126 KB
42 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da9443d1/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc8423792df51446c8596b5222cb3588cb3809dc5deb21f194442211f9bc94c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 11:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 00:17:45 GMT
server: sffe
age: 2770
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42780
x-xss-protection: 0
expires: Sat, 18 Jun 2022 11:42:06 GMT

GET
H3-29 200 / Show response
www.youtube.com/embed/ Frame 15C2 31 KB
9 KB 48ms
47ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28736ae300811b270d6100347bb2b5b8dff8ff467a06350ab938b82dcb3087e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blip.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=cRWWcBlBsGs; VISITOR_INFO1_LIVE=di61qDh7cmo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Jun 2021 12:28:16 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+942; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel;r=157744073;rf=0;a=p-b0cBKofGeCYKg;url=https%3A%2F%2Fblip.fm%2Fbridgecase3;uht=2;fpan=1;fpa=P0-1927266807-1624019296323;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;...
pixel.quantserve.com/ 35 B
371 B 10ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=157744073;rf=0;a=p-b0cBKofGeCYKg;url=https%3A%2F%2Fblip.fm%2Fbridgecase3;uht=2;fpan=1;fpa=P0-1927266807-1624019296323;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=blip.fm;je=0;sr=1600x1200x24;dst=1;et=1624019296322;tzo=-120;ogl=title.Blip%252Efm%20-%20Listen%20to%20free%20music%2Ctype.website%2Cimage.https%3A%2F%2Fd1uswytv6491xe%252Ecloudfront%252Enet%2Fimages%2Fblip%2FblipIcon%252Epng%2Curl.http%3A%2F%2Fblip%252Efm%2Csite_name.Blip%252Efm

Requested by

Host: blip.fm
URL: https://blip.fm/bridgecase3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=693465254;rf=0;a=p-c4o3JsfzdTxY6;url=https%3A%2F%2Fblip.fm%2Fbridgecase3;uht=2;fpan=0;fpa=P0-1927266807-1624019296323;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;...
pixel.quantserve.com/ 35 B
371 B 10ms
9ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=693465254;rf=0;a=p-c4o3JsfzdTxY6;url=https%3A%2F%2Fblip.fm%2Fbridgecase3;uht=2;fpan=0;fpa=P0-1927266807-1624019296323;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=blip.fm;je=0;sr=1600x1200x24;dst=1;et=1624019296324;tzo=-120;ogl=title.Blip%252Efm%20-%20Listen%20to%20free%20music%2Ctype.website%2Cimage.https%3A%2F%2Fd1uswytv6491xe%252Ecloudfront%252Enet%2Fimages%2Fblip%2FblipIcon%252Epng%2Curl.http%3A%2F%2Fblip%252Efm%2Csite_name.Blip%252Efm

Requested by

Host: blip.fm
URL: https://blip.fm/bridgecase3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/da9443d1/ Frame 15C2 362 KB
46 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da9443d1/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b3fd8d57c048b1bd2b0207d58bca55ef61bcbd3774411ae8e30ef75f60288e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47324
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 00:17:45 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 14:45:41 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/da9443d1/www-embed-player.vflset/ Frame 15C2 195 KB
64 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da9443d1/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357666c70339cf6a94535db39de633477890624b7c75ce0ce34d65b47af167f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 00:17:45 GMT
server: sffe
age: 78154
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65711
x-xss-protection: 0
expires: Fri, 17 Jun 2022 14:45:42 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/ Frame 15C2 2 MB
483 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3834faad744e53aa5f64ec5d70a1f18b1ee549b20cb2d6e60841783d2c1a3f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 00:17:45 GMT
server: sffe
age: 78154
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 494745
x-xss-protection: 0
expires: Fri, 17 Jun 2022 14:45:42 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/da9443d1/fetch-polyfill.vflset/ Frame 15C2 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da9443d1/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 00:17:45 GMT
server: sffe
age: 78154
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 17 Jun 2022 14:45:42 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 15C2 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:03:43 GMT
x-content-type-options: nosniff
age: 537873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:03:43 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 15C2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

14ms
13ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcfeb7fd9cb494c5385d6c63bc932380fbb727554a67d8280b4e9f984f6ca0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 18 Jun 2021 12:28:16 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 15C2 29 B
424 B 26ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:14:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 856
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:29:00 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/ Frame 15C2 93 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ac66c25615894c4154c349ff7a2d8501f46881622cd9c27f482424940f45a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 00:17:45 GMT
server: sffe
age: 78154
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29358
x-xss-protection: 0
expires: Fri, 17 Jun 2022 14:45:42 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/ Frame 15C2 25 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9dde92c72995d2a5636d09ba649d73e9d000023bec4af5dd6f0faf51a9452c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 00:17:45 GMT
server: sffe
age: 78154
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7447
x-xss-protection: 0
expires: Fri, 17 Jun 2022 14:45:42 GMT

GET
H/1.1 200
OK index.html Show response
sdk.scdn.co/embedded/ Frame 486A 569 B
780 B 7ms
6ms Document
text/html 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.scdn.co/embedded/index.html
Requested by: Host: sdk.scdn.co
URL: https://sdk.scdn.co/spotify-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1fee0b34c67a3e22047b627896862289225552817e79f658ade465b28c7103e0

Request headers

Host: sdk.scdn.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://blip.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

Connection: keep-alive
Content-Length: 343
Last-Modified: Thu, 22 Apr 2021 09:44:36 GMT
ETag: "020a11e6234e4c90d39e37aa7af91eaf"
Content-Type: text/html
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 18 Jun 2021 12:28:16 GMT
Age: 2545008
X-Served-By: cache-ord1732-ORD, cache-hhn11564-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1986
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

692ed6f5fb5ae582c77bad065c4cd169e718f52f05f47f4190e12c5405327f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "905 / 365 of 1000 / last-modified: 1624014547"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21452
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:28:16 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 70 KB
21 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

016411539995971c9ff63223ab1f0928560e13539dd504986bfab4127e585a58

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20461
x-xss-protection: 0
server: sffe
date: Fri, 18 Jun 2021 12:28:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "d5af302023c292f6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Jun 2021 12:28:16 GMT

GET
H2 200 vue.js Show response
cdn.jsdelivr.net/npm/vue@2.x/dist/ 336 KB
84 KB 61ms
44ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.x/dist/vue.js

Requested by

Host: empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21142
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac0b0f96f00001f5177b6a000000001
x-served-by: cache-fra19165-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"53fc9-Jp9Vk24Ybv0rJ6ZZ5HLpQ6vP7ig"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6614843becc31f51-FRA

GET
H2 200 vuetify.js Show response
cdn.jsdelivr.net/npm/vuetify@2.x/dist/ 2 MB
227 KB 54ms
37ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vuetify@2.x/dist/vuetify.js

Requested by

Host: empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cb700496eef9c259d7443bbb2acbba050df70c05219bfde16dd19d88e353af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24076
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac0b0f97000001f51cf9dd000000001
x-served-by: cache-fra19172-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"189235-WmAVhHPhfHRDvFcYR4HSME793ew"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6614843becc51f51-FRA

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/250/ 353 KB
114 KB 25ms
8ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/250/addthis_widget.js?pub=Blip.fm

Requested by

Host: blip.fm
URL: https://blip.fm/_/js/base.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 18 Jun 2021 12:28:16 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK QuickSignup.26.js.jgz Show response
d1uswytv6491xe.cloudfront.net/js/ 1 KB
1 KB 18ms
17ms Script
application/x-javascript 13.32.11.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1uswytv6491xe.cloudfront.net/js/QuickSignup.26.js.jgz
Requested by: Host: blip.fm
URL: https://blip.fm/_/js/base.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-130.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c00d50d6046dfc2e2a7de2a5a177d35e11b708fe9fc93f966c0d28a304ab485

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 03:39:52 GMT
Content-Encoding: gzip
Age: 10918105
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 742
Last-Modified: Thu, 04 Apr 2019 15:06:32 GMT
Server: AmazonS3
ETag: "7bc3abb8437d89e80c9407562df229a6"
Content-Type: application/x-javascript
Via: 1.1 c855d201fddbb6ef22989607fe8f5d1f.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: LYpMRsauyUTxaYr5V8kAkvcxVFwgp28BMFRNO8OQQIkFTTgS56djIQ==
Expires: Thu, 04 Apr 2024 15:06:30 GMT

GET
H/1.1 200
OK profile.26.js.jgz Show response
d1uswytv6491xe.cloudfront.net/js/ 4 KB
2 KB 18ms
17ms Script
application/x-javascript 13.32.11.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1uswytv6491xe.cloudfront.net/js/profile.26.js.jgz
Requested by: Host: blip.fm
URL: https://blip.fm/_/js/base.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-130.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b6c4dd2186139cfe5da8627cbd85b7f54e8b4d84164a4f98af88427c6ebb5e0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 10:51:59 GMT
Content-Encoding: gzip
Age: 610578
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1287
Last-Modified: Thu, 04 Apr 2019 15:06:42 GMT
Server: AmazonS3
ETag: "b3067d3023e15c0cfc5362eb35a1a08a"
Content-Type: application/x-javascript
Via: 1.1 ed5d8b8e3a8c20eaabbb29c087f04c66.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: LszoQwGedUOmxjSV0JlQG-qNi7lX583Mdwam0YqGnyo_kxCIcOtWxA==
Expires: Thu, 04 Apr 2024 15:06:41 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 15C2 4 KB
2 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:28:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 486A 48 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5379
date: Fri, 18 Jun 2021 10:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 18 Jun 2021 12:58:37 GMT

GET
H/1.1 200
OK index.js Show response
sdk.scdn.co/embedded/ Frame 486A 461 KB
112 KB 7ms
7ms Script
application/javascript 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.scdn.co/embedded/index.js
Requested by: Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3799840e4c9f8f842d29bd32da3ca39fc7cb1f5adf069126c37c996434f64e41

Request headers

Referer: https://sdk.scdn.co/embedded/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Apr 2021 09:44:36 GMT
Age: 869903
ETag: "06104d5845dc91facdae1d911c333d74"
X-Served-By: cache-ord1729-ORD, cache-hhn11564-HHN
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114646
X-Cache-Hits: 16, 1987

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 22ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js?pub=Blip.fm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:16 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=57434
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 pubads_impl_2021061503.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
115 KB 38ms
14ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:10:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116743
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:28:16 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/Blip.fm/ 166 B
325 B 238ms
237ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/Blip.fm/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js?pub=Blip.fm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:16 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
H2 200 / Show response
apresolve.spotify.com/ Frame 486A 205 B
226 B 26ms
13ms Fetch
application/json 2600:1901:0:524d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by: Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 655d2013c62900319a0da87ab51de91cf5432d6e119b7e8bd224389100b2931e

Request headers

Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:16 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
alt-svc: clear
content-length: 98
via: 1.1 google

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
366 B 154ms
153ms XHR
text/javascript 13.32.5.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblip.fm%2Fbridgecase3&pid=8HnXJY2MmDUaM&cb=0&ws=1600x1200&v=7.66.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboard%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboard%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboard%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboard%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboard%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_halfpage%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_mediumrectangle%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_mediumrectangle%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_mediumrectangle%22%7D%2C%7B%22sd%22%3A%229%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_mediumrectangle%22%7D%2C%7B%22sd%22%3A%2210%22%2C%22s%22%3A%5B%22336x280%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_largerectangle%22%7D%2C%7B%22sd%22%3A%2211%22%2C%22s%22%3A%5B%22336x280%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_largerectangle%22%7D%2C%7B%22sd%22%3A%2212%22%2C%22s%22%3A%5B%22336x280%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_largerectangle%22%7D%2C%7B%22sd%22%3A%2213%22%2C%22s%22%3A%5B%22336x280%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_largerectangle%22%7D%2C%7B%22sd%22%3A%2214%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_largeleaderboard%22%7D%2C%7B%22sd%22%3A%2215%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_skyscraper%22%7D%2C%7B%22sd%22%3A%2216%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_anchor%22%7D%2C%7B%22sd%22%3A%2217%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_superleaderboard%22%7D%2C%7B%22sd%22%3A%2218%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboardtop%22%7D%5D&cfgv=0&pubid=434bb5e4-3704-4b75-b36c-785a444462bd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.5.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-5-125.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:17 GMT
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-C2
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blip.fm
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: VGnNM5YJ9qLLYjnxHSOW4CmtIKjcpA1f8OUVKSzNiARWseYzetkqkA==

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 486A 77 B
247 B 16ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 18 Jun 2021 12:28:16 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 31ms
16ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 12:28:16 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 33ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blip.fm

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 12:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blip.fm

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 12:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 239 KB
71 KB 824ms
809ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1260892244065369&correlator=2391502028567952&output=ldjh&impl=fifs&eid=31061463%2C31061383&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210618&iu_parts=12230023%2Cel_blip_leaderboard%2Cel_blip_halfpage%2Cel_blip_mediumrectangle%2Cel_blip_largerectangle%2Cel_blip_largeleaderboard%2Cel_blip_skyscraper%2Cel_blip_anchor%2Cel_blip_superleaderboard%2Cel_blip_leaderboardtop&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C300x600%2C300x250%2C300x250%2C300x250%2C300x250%2C336x280%2C336x280%2C336x280%2C336x280%2C970x90%2C160x600%2C728x90%2C970x250%2C728x90&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1624019297&dt=1624019297096&dlt=1624019295320&idt=1574&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C280%2C-9%2C436%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C664%2C-9%2C1110%2C-9%2C-9&adks=617433239%2C617433238%2C617433233%2C617433232%2C617433235%2C4165216314%2C3598324391%2C3598324388%2C3598324389%2C3598324394%2C1974185959%2C1974185958%2C1974185957%2C1974185956%2C3076314635%2C2382161721%2C3224969948%2C553478435%2C982267445&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fblip.fm%2Fbridgecase3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1040x0%7C0x-1%7C1600x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1040x0%7C0x-1%7C1600x-1%7C0x-1%7C0x-1&ga_vid=1400390237.1624019296&ga_sid=1624019296&ga_hid=903683824&ga_fc=true&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C4%2C2%2C516%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1040%2C0%2C1040%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0%7C-1%7C0%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

0c31123fb368dcdd5f9295146f31ac5deabd0599eca46aed6cd23a569c43b606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73000
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-2,-2,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-2,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-2,-2,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-2,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blip.fm
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 49ms
16ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 486A 77 B
162 B 17ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 18 Jun 2021 12:28:17 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 16ms
16ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 12:28:17 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 486A 77 B
162 B 16ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 18 Jun 2021 12:28:17 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 16ms
16ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 12:28:17 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H3-29 200 container.html Show response
7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D6A2 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blip.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 18 Jun 2021 12:28:17 GMT
expires: Sat, 18 Jun 2022 12:28:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 124A 6 KB
3 KB 18ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blip.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 18 Jun 2021 12:28:17 GMT
expires: Sat, 18 Jun 2022 12:28:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:18 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:28:18 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 43ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061503&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ec10609795a41b8c8ba8c965f125eb0350cd308db31eaef176e25a8e297e184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 12:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8425
x-xss-protection: 0

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 997D 624 B
297 B 15ms
15ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNWeR4DVOzL-7K315a8sMhTpDytCd1qmgDLrKhJSTEGrtnslkcBOXNtDrs2NZprfjCEpoiuTaojNkm91P_9ynP2Hhm00fLYJGSHBS09NScqCebKAwCcshFR9uSIz3xeTC9f9eQwxCo5cSAIS0Z7DDVfN8etaJqBbDadJBBDAQefzSmzFWVI

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNWeR4DVOzL-7K315a8sMhTpDytCd1qmgDLrKhJSTEGrtnslkcBOXNtDrs2NZprfjCEpoiuTaojNkm91P_9ynP2Hhm00fLYJGSHBS09NScqCebKAwCcshFR9uSIz3xeTC9f9eQwxCo5cSAIS0Z7DDVfN8etaJqBbDadJBBDAQefzSmzFWVI
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlhhjmNmCmTjCVhYp4x-TP6BpVSkRRsDWrOYOFIh7hWomccuhTUearD0p4P
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 18 Jun 2021 12:28:18 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D6A2 24 KB
12 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPrFHqq1WmzLjZa8bi_rz4sjYeDamZWwGJiExo7-brvuJetoHUmPLjB7mIlWjuLzhy8VJju5i0UbwC3rF1HUWBrnsaPF6rQnyIotY3NZWz6Y7xjT1eYIf4BjRfWwfx1b5yK0bne2u2ejWw0w1f0PWLTgrsCg&cry=1&dbm_d=AKAmf-DCFWt_S6KB2lXR_j1DfU113tX7yqpjCg9quCGHpcvaRRi3bTLx8fDCD6u6Z9pRODmY6YPtmoQx2sl6JGMIW03R4rcYpdyom7d6gyCXV49RYQHjhEWMAOUU2r9QXiSdpq54t_MvN86g3RAsVg1AWEndv6WVCefHoTl03qz0qOHDUnHZmFbD3cOFvreQ8J8bAdKXguWpH1CjLkwFg50GNhLCQJ5TkZl1biz5wA-49skJLtkRrqbwkCZy-5D6f-MH_NmqY-qZmWnMz-NHoZ-N5IUF7ET0Fbe2D_NqTSsrHjK4cvaYrQCoiP-C51nT_-YLDvsCflveiJCGwC33Tjhp-D2FFPZpVN2EWCs5SADlV_ILQlDT5zbM8Vw1RI8d4pZrStDt84_rP0cirryujC2zGom2XMqPQtBALJcLF-keqm7o8v2q-BwGOwj8AAYi_bmWi3JGbMiNvM20Ng8RmOR7ytuuGVn17HTKLlKTSH7MWN5SQ_02z7CvfzXucxhkHVa7X48XM6D536GuG4FAu7z9t7sb0yoCvw_Gz3s0uYhDjN-eaVa9xx--SGpM9P2mS6gr4URXbiJgfFNQU5O3tCAgeNoDhlz1VpR1HYJqO1HSjytdhLNbTVJB_8a6BXjO9DNGrsn3DH0mtW8j4t4yDe1isMAvWTXioECBeAVLBs9UB6fQWhIzxHOKkWUT7afCNxdiITuKNU5QLj8-LbtjPlhqKuGI5LS9Wq8gLlVl8RlGXxdbTW2QIN5ELumCOMO95h0u5Fbxi8NMN2_mYa-EP3bpTZ85Hu4MOoXnqzMKzFH5MLyXva3QT2vEEUbw92nP3pLHSGKakft24JjZJJAA-pZsLhB4U3rKIQB6mzbPfYwr69UHgx4XbCZczcRmEn9SJnpka_XRiJ0_PUiDPtn_l0CxmxzQMNxW36iXya00ECxlY6GDTYCO9GTG-Iuc7t8n98oH2XjIym7Fptu6W1ROQpF86hoM7zN61nb6emBn60iOLThxNAvItmpI7nbp_xDZ03rFX_CIMez40-nGxpCTCwLJvf9Q-ki5tnTQz0Jvla4FSTZqT-0JsTs9hw0a9JeiS6wBLOxxnJYnTdcuAsYce2HruCXJ4aMAfVSYtWuxMYw7nf76WNi66lRJWD7GESu_qkYAjUuavU_Jar4tyaITijYfleOvHrRPYLnUPz5YY8_RBM0WH0AGFxUPRhW6OlMe7V4phCwGR23ZcrHOiphv3LuKvneAetjgnQKlydjfKItBnlK9mas-xg3rCnIABU9GAdLrj2KJxIFhyJWVpxZM8BaPN8GjoI05ElbH7P1vzgJqZB1GiVzF2Wbm1Z31_ZftxDvGqfExt0_bnUKo0Y0rcXXwAdezGjzZSqKVrfplCqNv6gxYjUZkZcTiSHx9INRDnA85J_TLWo3mvfedfYs6ekZf693r4AaNkqprMG0UYHmCxtSxVFAgqkTWvh7n9si1ovYkeHgDrGy16ZDR4rU3hu4m2Prr1SE2b7iMUc2cPQPeWb7L5Yg2b2_8K3rXgliyxqUAEwgznetE8TJrUapHM3EbXGii2IcohgWeSn4q018JCwMDWp3YdkS7do6V9uu2aTwy9Beb6naiJG8IwOO3IRc90FBbQsUrMMPgku-dUhKJnKzt-7AEHNZDTTmHg9_pSn105nxcztiEGILxUqqUHRX2OpFy544HCMYKHAIofhcqsR3-Uj9Edr3XSNpTk6oLxiZ3x-Nb8WFPKMYFu-SsOXpFJAGg-jZuYpUlxaG0swtRYMJWqab3AuSr_ahYqmG238x2tHJMuM0Hfo9FOCM04W0NyFcqmjAwN0f-Pd5kfmZWI4ufGpsWj-spv8dGpTxurNnBAHNRTx95L8QwZuKQd3tGFoYhGHsTbMspQx4JTrJDDsn3G1h7NqyvBfUrP-7DBqnQCBKp9l2fjcxu3axiSzIRUKb_vYB6hKikGPnd4ig8VYuF_PxSOrZMtFwUflgdARCX761IDxYyinBfgWI-OZIlZJamo1uYe5sDxGtFZfMdgE_-OeS4ZSpk3qYbz7rbGIXiqj0G79esIK50WKp5tXG8NSFEVjOhtuxE6nXNiRtlaMwhVxmHQ8E41rVsDvR0tqmOuQNh0kx4ZhKkkv-SfnYHYN63uH0tCRLE_oHmlaUuU6amDny6o1Cvo3pMEI2NJm0CHBtsLEQCXvIXBvIv3GZO9xLIBCPzr3LxXZOf8OSFnrHZCf1Y-yWcoIxkck9rJ-NOsNKwuHa8Tz2HP4NottpJ5zPhwuj7E1a7NXj71myZFOZOK5ihhsDZFx_jhsx-CIQFKKblFu4LzTwDOHVkQQS3ULMApAzqhuK834Kn6MgLVVh0ZT0SKbmjWiXSnlKubWIt_quUCiQ4t2aOwlDE-yU-PFliC1oFF6k3sGO7uY5D-4vtSCbC92MsCazSXM0e7Yc7L144DSLqCBctsufOzv5wzpEwHbkr9iTBVZ--dg9QdT1kDZG987GJMWY3WK3JDkQG-rl3gLG6HHVQvDrApYIZv0tFgvy_1bb7d_p9EriLjKmzfFDtnojMG8e8-6ZxyohaKrnSuvEx93f6FrxZaTovBEt2fR9-tO2XvzLlbbEqgAG2gv8NVfBFt3Hkpp_0BYCz8jKjeLl_UV3zrp_UM_CpwLMXkEoU0TSaOXdmqYIEpJdlGoXtMLnWcu3Y7I_f0YhjRD0uIsZ7lYuhyADeFacKAJQ7hFX1tiQJ5k6Z0nzKZT2PWwSIxoKgbJgihBotQ9zT9D3i0xgDAMIGfGQVXNeqEsqST05mqaUD7tOVvcedYIFFsNBHFEBOfedUVB3602fsgjmdY0rz32hs_TzDM8otFQ93dCbjH_QnAklzwRtwMlDFpHRDfuObuM3a1LnI-Ue6KpL0HtwBztLpCCtW4Bx0qHHndcxqQgt9TxUUfGJjStSFkzD2WP2XeyQLc1VIhC9adoyAKnyC9PsGSdIVAaEpgLrdqHCY1sO35-LoU1BvzJHsUQHaT8FIAc_rTR3sGzDnUTWmh8fhXolWtvstmRDNuYdLaJIhKmpatOiu7sDsoq_xVvUKkEfVQ-lhd_7qgFg7WPAti5XgqcBtx-lj-KaYRn5Jo0vAB3rc5lEGEne8xwNw2cSHAVFUWHY5lNkQ1jt3OzdOXkny&cid=CAASEuRoyyc-4Ngm_rAeGqFoGpS-1g&rfl=1%2Chttps%253A%252F%252Fblip.fm%252F%240

Requested by

Host: blip.fm
URL: https://blip.fm/bridgecase3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc6ec8de3d87d609bc36f08b8cfce273bb620c84e51ffb32d00cd957ac69d551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12457
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6A2 42 B
226 B 46ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AEEOKIjYtSkcg8tA_thgBYM17oySsQsxXEp6ZYlBZmWNiyIfx9gZXxAVQ4rhRijlU7nEX9eKZKfa_BMw5VZ2NNUVjbsl4OG4zn3Eb6JUQ8j3viNyc

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame D6A2 3 KB
1 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:19:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6A2 122 KB
37 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:18 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:28:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame D6A2 13 KB
6 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:17:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D6A2 0
0 36ms
13ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTv7sqqQo1eTc4b9N4VkAu7khds8BusLMeQgIl01eZ8yVMWc9jKTFxYP9gvwNYGVVZHos1zVmfeK4pgnzKDX_vsI2CVeA
Requested by: Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6C06 640 B
316 B 18ms
15ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX4zZYLKUy3JfQVa05RkkOQa3t8nvb7Hdi2rg9HDTHNfLzPzEFLHvY8ugX9_VtITRnsbL9BDL9h-MKL9GGAcZJBa1k25ZiYt_4QkSlReWUNKrDA6ORH1uozye_C32RupLuErNwAR9Ouy6_Tt6fFk8T2JXOIUPOf4mJ-sOwySOJkiOX_794

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX4zZYLKUy3JfQVa05RkkOQa3t8nvb7Hdi2rg9HDTHNfLzPzEFLHvY8ugX9_VtITRnsbL9BDL9h-MKL9GGAcZJBa1k25ZiYt_4QkSlReWUNKrDA6ORH1uozye_C32RupLuErNwAR9Ouy6_Tt6fFk8T2JXOIUPOf4mJ-sOwySOJkiOX_794
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlhhjmNmCmTjCVhYp4x-TP6BpVSkRRsDWrOYOFIh7hWomccuhTUearD0p4P
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 18 Jun 2021 12:28:18 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 124A 24 KB
12 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcJzFbkaepUJWECo-VvmfpZrj7DRBu9I3JpcWEJJdhL5KmkN6XIONGhGyfbTizhgPs4jYaEy3-URphRuXvledqlbmMTkCMdsUS91f_sgHvhedox8x-OhKBTqrwl580_doxoqsVMSDvWRVXkHcbt1GoBAuz0Q&cry=1&dbm_d=AKAmf-Bbdyxp4JIrkBpVGKhuip-WckZBUb5tuXqouaoO6EmbC2v9Rm0FlKXJNaur-megVxcqJnZhaXiDjKCAeUDLVprCfrfTOgCSrjbTdCXAwO0HM_LLxztfOSRCEU3ecFJQkSEFDH0XuqdR0kbXElv9VWfbXBzCD5g4OFc72aF-fzdLOGC--DT2dfAfU79xSiRX48aQXqSlBcJ7raqLxkwd2HgwMMey9uGJLmNYR-tNLF7D0W0jVdvLRtGbvx5J2VhXMti3tkRQDsiXPvknuMAi6KCCaxVZDrAfLteNLF1pBAwVuzwl059c2v_YZIp9Jzk3XH5DJ0IVnLbbV21r1Z93W90OKXybBzmgBiBc9xADAY06u4CtMnA3Vza2sy-z6Y9F5_NJ6Cx_dweALrnrKtNTwvZKU2a3QjenLvU7q6aglhKEu6gEKgFngQ5HVWdQr5iWCAfpei9Ga--M0Ywf3WQ1F83Jr_-BiJrXKdC5oqMgW7Ix7x85H3CS8m5tYk-RZE7UYipcbHXpIfE-Uox8Fdkgei2ciwtpCyIx06be9ERDULJ7iHh_WhlXx6DP6NonB-nGeo4bh9onkxhF_6T8FLHTfVxqIfpHtAnsNEJyMmckeAvY1qAGllNJmTs72sLFuMTfI8pZsic5td0L2FTOVUnyU_IKLekiRwc2YvMRZZE4CbJAHarNVnRazHRgT69PyhEoyE-X6tspWvNH1sSbH1p4AbJP9FJ-t59cDZdHkWCeK840-w05HY5IrQarVZYq6JWfOyh8LGEA-rqM1Ff12lH1zx6nhGtMGwHrbW4n7c5U0E_9q6yRL4pPOjnVA-Kr-psC_qhs7X8viRPDj14_D3snmsRkpGXW2ggBo2pR1RWMHnIiPIIhhIXyjAFxJMn9I4XvEe40HxNtvLNLaO255QFli1lDjZYZD7bNAP9hJl-HjBox1R6M9JRsPRiWwnXnN-rL6heWL1_tvJGqXHZUAX3aGrDoRrWnWRf9OsWRPtHxCpxWWjyry-Q9wO4ZihwnQRIgQ3I9xkCD6pAf-0t-cOlmfTdvFZAcIZBX5sQc2r1PilIgsMj3z1Y8oXylTx4Lfati0VWRvOGpMb0MyIj4HeERJOphjNjxtMlCXkXfFNeIlYNJFffIB0nOs_4ghippKvdAKyyP8jxf4wnYsC6YPtScZZ7txz-7V3lKi_byvJO9corTxDIBxvKHkkMaI97DOkj6y1W9bRqv71g35XwdyYsja6kmWU-vovgcEnzbDffFKiWRfeZ0Ru34X1yuH6wmSCyaq3JA6HsgFlqmpjb0swu8e7_wJAILy2VThDql8HKx4R4H9hWyjkc6XRX6zjEUycYcAcaNpnvmYPFfnWFbYoM6DxcseY_eDpnjD3pC9ZLaoqWaWB7YQnNagQXE4m2XlfCvXz0glIKu4ZMUy-sRAjnjw8e6W-umhFOcmsD1IEPKY7VIyDlNj3vqoixSA9CcnMnGEwb1O2tqHKaw-TZSY4OafyEAnUeNnkZ5ru_x_LGYMolUfIOdmTDLs_S93u8zLOOIn83DxKyzNL5EyHqsDaP1QOWpSaYrdUdyFTdazfAe-dzNQBBaA4QkCsmCJVvgSxs7K5_cfFIw6Csfa68pFz8B1UYwRKamLwcrsNdMK9Bvo-cZ71OlzN2sNy71vrcjtphy9ZYxWMFr5c3qqUFnY--cKYZaY6vbQVjEkN9GgOXS26BppDNMHKQ5ONDzq2C6EudAFYe_VUhRZel-zuoQHj_R7xJ_fIY4zvvT5e45A_mrj6BXNLFHlloGUTfwNSPFys_Nv2GrPb-b1VrL8ZMeN7LJAswLa1c64WMxfUKlttVE6yNI1ir2j6lP-E9GtnZxtHphm-q3TUchlGpNgsEbluwH6IosvFlowbXQkASUyKQ3UzGzF7FUWRDZVgh6QVQYFarobV9NNRJwsCf6LLavNgyBQoi5vuHYiOLJWm_PHXogfpJ5B8IPk4tQT7DNpNvnYLMBScRhP6U2kf71r3UpgYMZF1UvLCU1ksNI-Pjt0Qp1x5i5JVkuLKbYFr6QbsQYdcilMXoQt1cy1L3iOJIq1hJMTFQ-voklh0tn3vbQOxfh2l5ZsakxPRHzBIhhDAMMLacIQeyZVj6spmfvbxKZGDtZGVkG3OwuWjkHvYvZJqw9_hyv75ZXRC2cOHp85CnDxDZcu2zBbmkmkknIwisjzKKD9TA3uKsAILTda-89zOEo1nANCpHNnFP0FmDRBwLgGOwrIRDnohrkpSEzvpRNyE4wtKiTumFklSo9ON7DLfwTrM7r5tER-sAlKCol-wttrj_imq9F556B4-qf3bXiHnugduMO9JiKVLWCbdepR58pnSBX5I_GQmVB-mz8siBKbvI_jNz5dQTeH-pZWLbLjAXGcx8s3suowFbFOw2PoQK4oPGPFw3lArZ1pmMHMcFMv991PftdfPRuDi4peZ9B7mblUECh9fh9MG0Avw_WXZqCekwfEKw0dRmNK7x8xHg3IYzf_alfHzA0-igG_j50Ii4sfx5WukPBbTYDOkz35IpYE-ZKtbXibp18i0CL5IkjGPQv33wbVZ0wjaG_GjgbUSN14YMFC0tJ5ttyWe-gT3u5pINHi9aeSLAr0NBG_kpHQEirxKpMRyf__XGnZlCQ1eE2i1s2jmHVsEjD3jBzBNHk3r8cUdpuq4M56i6F5ezaoSfqXPq2irsyxO5aaMtZhNc3lcjtOp6w_pFsSI5WWTbcbVBqSciS8_bIy1g0vSQ0UgdgQMrLvGuTBW_M8Yi_Z_Idbear_Ka-PiZaUjUEWeXN46P_FGcpdDjmp_KH03X2sRsUN5jcLace8pi7qsEcpSiZ1s-Yqv5T7E3QT9o02N6fgak98VxvfllDS-X7givgFr5fQBRguCF9ySnr8j87e60VOkXIy33-4mJcNoZwtKOvhVGfDbTdj90LpFKnK-ZZYxGnsEwx-d6iHk8MXffjFLx08obwroP80rvMZ8PLYexROCO2uOs_8kEoJgILnD6y2zd9RY7MC8byYnFNyByr4FR1-m27HdY1zhK1mlR7lPCA6rFHULKw5IDPFh6uA1TAhfASQ74eMhIs057fgIM2hzF1Z4VbAM1kW2dr6h9IJ0P3PjTj7PQHziV4kfsevtNKjB8YW-KSVEZJ&cid=CAASEuRomFgIMG-H3UTQX0QI11KJdw&rfl=1%2Chttps%253A%252F%252Fblip.fm%252F%240

Requested by

Host: blip.fm
URL: https://blip.fm/bridgecase3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6744007e9eb762dee8e83109d992e739e0482ebbaf8c0f6ca3d6af439e267624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12277
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 124A 42 B
107 B 43ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpABzFAiqFNB9jnCQY1OxysBRvJSRiUxrgq7avECmDckFp_q_qn2pU_-UbQ9IC_uy1FRnuK37aAMV1c1uLXBoqcWsiQs-QYayGcFRA5tBIGRWBunI

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 124A 3 KB
1 KB 30ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:19:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 124A 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:18 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:28:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 124A 13 KB
6 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:17:53 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:28:18 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame D6A2 22 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPrFHqq1WmzLjZa8bi_rz4sjYeDamZWwGJiExo7-brvuJetoHUmPLjB7mIlWjuLzhy8VJju5i0UbwC3rF1HUWBrnsaPF6rQnyIotY3NZWz6Y7xjT1eYIf4BjRfWwfx1b5yK0bne2u2ejWw0w1f0PWLTgrsCg&cry=1&dbm_d=AKAmf-DCFWt_S6KB2lXR_j1DfU113tX7yqpjCg9quCGHpcvaRRi3bTLx8fDCD6u6Z9pRODmY6YPtmoQx2sl6JGMIW03R4rcYpdyom7d6gyCXV49RYQHjhEWMAOUU2r9QXiSdpq54t_MvN86g3RAsVg1AWEndv6WVCefHoTl03qz0qOHDUnHZmFbD3cOFvreQ8J8bAdKXguWpH1CjLkwFg50GNhLCQJ5TkZl1biz5wA-49skJLtkRrqbwkCZy-5D6f-MH_NmqY-qZmWnMz-NHoZ-N5IUF7ET0Fbe2D_NqTSsrHjK4cvaYrQCoiP-C51nT_-YLDvsCflveiJCGwC33Tjhp-D2FFPZpVN2EWCs5SADlV_ILQlDT5zbM8Vw1RI8d4pZrStDt84_rP0cirryujC2zGom2XMqPQtBALJcLF-keqm7o8v2q-BwGOwj8AAYi_bmWi3JGbMiNvM20Ng8RmOR7ytuuGVn17HTKLlKTSH7MWN5SQ_02z7CvfzXucxhkHVa7X48XM6D536GuG4FAu7z9t7sb0yoCvw_Gz3s0uYhDjN-eaVa9xx--SGpM9P2mS6gr4URXbiJgfFNQU5O3tCAgeNoDhlz1VpR1HYJqO1HSjytdhLNbTVJB_8a6BXjO9DNGrsn3DH0mtW8j4t4yDe1isMAvWTXioECBeAVLBs9UB6fQWhIzxHOKkWUT7afCNxdiITuKNU5QLj8-LbtjPlhqKuGI5LS9Wq8gLlVl8RlGXxdbTW2QIN5ELumCOMO95h0u5Fbxi8NMN2_mYa-EP3bpTZ85Hu4MOoXnqzMKzFH5MLyXva3QT2vEEUbw92nP3pLHSGKakft24JjZJJAA-pZsLhB4U3rKIQB6mzbPfYwr69UHgx4XbCZczcRmEn9SJnpka_XRiJ0_PUiDPtn_l0CxmxzQMNxW36iXya00ECxlY6GDTYCO9GTG-Iuc7t8n98oH2XjIym7Fptu6W1ROQpF86hoM7zN61nb6emBn60iOLThxNAvItmpI7nbp_xDZ03rFX_CIMez40-nGxpCTCwLJvf9Q-ki5tnTQz0Jvla4FSTZqT-0JsTs9hw0a9JeiS6wBLOxxnJYnTdcuAsYce2HruCXJ4aMAfVSYtWuxMYw7nf76WNi66lRJWD7GESu_qkYAjUuavU_Jar4tyaITijYfleOvHrRPYLnUPz5YY8_RBM0WH0AGFxUPRhW6OlMe7V4phCwGR23ZcrHOiphv3LuKvneAetjgnQKlydjfKItBnlK9mas-xg3rCnIABU9GAdLrj2KJxIFhyJWVpxZM8BaPN8GjoI05ElbH7P1vzgJqZB1GiVzF2Wbm1Z31_ZftxDvGqfExt0_bnUKo0Y0rcXXwAdezGjzZSqKVrfplCqNv6gxYjUZkZcTiSHx9INRDnA85J_TLWo3mvfedfYs6ekZf693r4AaNkqprMG0UYHmCxtSxVFAgqkTWvh7n9si1ovYkeHgDrGy16ZDR4rU3hu4m2Prr1SE2b7iMUc2cPQPeWb7L5Yg2b2_8K3rXgliyxqUAEwgznetE8TJrUapHM3EbXGii2IcohgWeSn4q018JCwMDWp3YdkS7do6V9uu2aTwy9Beb6naiJG8IwOO3IRc90FBbQsUrMMPgku-dUhKJnKzt-7AEHNZDTTmHg9_pSn105nxcztiEGILxUqqUHRX2OpFy544HCMYKHAIofhcqsR3-Uj9Edr3XSNpTk6oLxiZ3x-Nb8WFPKMYFu-SsOXpFJAGg-jZuYpUlxaG0swtRYMJWqab3AuSr_ahYqmG238x2tHJMuM0Hfo9FOCM04W0NyFcqmjAwN0f-Pd5kfmZWI4ufGpsWj-spv8dGpTxurNnBAHNRTx95L8QwZuKQd3tGFoYhGHsTbMspQx4JTrJDDsn3G1h7NqyvBfUrP-7DBqnQCBKp9l2fjcxu3axiSzIRUKb_vYB6hKikGPnd4ig8VYuF_PxSOrZMtFwUflgdARCX761IDxYyinBfgWI-OZIlZJamo1uYe5sDxGtFZfMdgE_-OeS4ZSpk3qYbz7rbGIXiqj0G79esIK50WKp5tXG8NSFEVjOhtuxE6nXNiRtlaMwhVxmHQ8E41rVsDvR0tqmOuQNh0kx4ZhKkkv-SfnYHYN63uH0tCRLE_oHmlaUuU6amDny6o1Cvo3pMEI2NJm0CHBtsLEQCXvIXBvIv3GZO9xLIBCPzr3LxXZOf8OSFnrHZCf1Y-yWcoIxkck9rJ-NOsNKwuHa8Tz2HP4NottpJ5zPhwuj7E1a7NXj71myZFOZOK5ihhsDZFx_jhsx-CIQFKKblFu4LzTwDOHVkQQS3ULMApAzqhuK834Kn6MgLVVh0ZT0SKbmjWiXSnlKubWIt_quUCiQ4t2aOwlDE-yU-PFliC1oFF6k3sGO7uY5D-4vtSCbC92MsCazSXM0e7Yc7L144DSLqCBctsufOzv5wzpEwHbkr9iTBVZ--dg9QdT1kDZG987GJMWY3WK3JDkQG-rl3gLG6HHVQvDrApYIZv0tFgvy_1bb7d_p9EriLjKmzfFDtnojMG8e8-6ZxyohaKrnSuvEx93f6FrxZaTovBEt2fR9-tO2XvzLlbbEqgAG2gv8NVfBFt3Hkpp_0BYCz8jKjeLl_UV3zrp_UM_CpwLMXkEoU0TSaOXdmqYIEpJdlGoXtMLnWcu3Y7I_f0YhjRD0uIsZ7lYuhyADeFacKAJQ7hFX1tiQJ5k6Z0nzKZT2PWwSIxoKgbJgihBotQ9zT9D3i0xgDAMIGfGQVXNeqEsqST05mqaUD7tOVvcedYIFFsNBHFEBOfedUVB3602fsgjmdY0rz32hs_TzDM8otFQ93dCbjH_QnAklzwRtwMlDFpHRDfuObuM3a1LnI-Ue6KpL0HtwBztLpCCtW4Bx0qHHndcxqQgt9TxUUfGJjStSFkzD2WP2XeyQLc1VIhC9adoyAKnyC9PsGSdIVAaEpgLrdqHCY1sO35-LoU1BvzJHsUQHaT8FIAc_rTR3sGzDnUTWmh8fhXolWtvstmRDNuYdLaJIhKmpatOiu7sDsoq_xVvUKkEfVQ-lhd_7qgFg7WPAti5XgqcBtx-lj-KaYRn5Jo0vAB3rc5lEGEne8xwNw2cSHAVFUWHY5lNkQ1jt3OzdOXkny&cid=CAASEuRoyyc-4Ngm_rAeGqFoGpS-1g&rfl=1%2Chttps%253A%252F%252Fblip.fm%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8638
x-xss-protection: 0
server: cafe
etag: 15675381762197352129
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:24:34 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D6A2 41 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:57:31 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 997D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEzOjCCI_Z1BLKVM1eMxpgc&google_cver=1

43 B
1014 B

26ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEzOjCCI_Z1BLKVM1eMxpgc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNWeR4DVOzL-7K315a8sMhTpDytCd1qmgDLrKhJSTEGrtnslkcBOXNtDrs2NZprfjCEpoiuTaojNkm91P_9ynP2Hhm00fLYJGSHBS09NScqCebKAwCcshFR9uSIz3xeTC9f9eQwxCo5cSAIS0Z7DDVfN8etaJqBbDadJBBDAQefzSmzFWVI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Jun 2021 12:28:18 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEzOjCCI_Z1BLKVM1eMxpgc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 997D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMyRYh8et4-Eb3mjrBFJ-gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEzOjCCI_Z1BLKVM1eMxpgc&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEzOjCCI_Z1BLKVM1eMxpgc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNWeR4DVOzL-7K315a8sMhTpDytCd1qmgDLrKhJSTEGrtnslkcBOXNtDrs2NZprfjCEpoiuTaojNkm91P_9ynP2Hhm00fLYJGSHBS09NScqCebKAwCcshFR9uSIz3xeTC9f9eQwxCo5cSAIS0Z7DDVfN8etaJqBbDadJBBDAQefzSmzFWVI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Jun 2021 12:28:18 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEzOjCCI_Z1BLKVM1eMxpgc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 997D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEFy-VPLV_6lpa_qSf3z_5s&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEFy-VPLV_6lpa_qSf3z_5s%26google_cver%3D1

43 B
1 KB

14ms
14ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEFy-VPLV_6lpa_qSf3z_5s%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNWeR4DVOzL-7K315a8sMhTpDytCd1qmgDLrKhJSTEGrtnslkcBOXNtDrs2NZprfjCEpoiuTaojNkm91P_9ynP2Hhm00fLYJGSHBS09NScqCebKAwCcshFR9uSIz3xeTC9f9eQwxCo5cSAIS0Z7DDVfN8etaJqBbDadJBBDAQefzSmzFWVI

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
X-Proxy-Origin: 5.180.62.139; 5.180.62.139; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid: 808b6f40-0bc5-48a9-8157-5829967ada7b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
X-Proxy-Origin: 5.180.62.139; 5.180.62.139; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid: 026755a1-1b61-4df5-9c6b-55b1d9f9b6eb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEFy-VPLV_6lpa_qSf3z_5s%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 997D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc1NDc3NDA1MzU0Mzk4NzkxMg%3D%3D

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc1NDc3NDA1MzU0Mzk4NzkxMg%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
X-Proxy-Origin: 5.180.62.139; 5.180.62.139; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid: 32afd041-676f-4923-a114-22bd7f18678c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc1NDc3NDA1MzU0Mzk4NzkxMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6C06
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKfzAHG6ehMyLMrLcfhfNTs&google_cver=1

43 B
180 B

16ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKfzAHG6ehMyLMrLcfhfNTs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX4zZYLKUy3JfQVa05RkkOQa3t8nvb7Hdi2rg9HDTHNfLzPzEFLHvY8ugX9_VtITRnsbL9BDL9h-MKL9GGAcZJBa1k25ZiYt_4QkSlReWUNKrDA6ORH1uozye_C32RupLuErNwAR9Ouy6_Tt6fFk8T2JXOIUPOf4mJ-sOwySOJkiOX_794
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKfzAHG6ehMyLMrLcfhfNTs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6C06
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM4OTlmOGItYzM5OS0yNDRjLWUxODctZGJmZGNkZTE4ODE0

170 B
188 B

28ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM4OTlmOGItYzM5OS0yNDRjLWUxODctZGJmZGNkZTE4ODE0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX4zZYLKUy3JfQVa05RkkOQa3t8nvb7Hdi2rg9HDTHNfLzPzEFLHvY8ugX9_VtITRnsbL9BDL9h-MKL9GGAcZJBa1k25ZiYt_4QkSlReWUNKrDA6ORH1uozye_C32RupLuErNwAR9Ouy6_Tt6fFk8T2JXOIUPOf4mJ-sOwySOJkiOX_794

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 18 Jun 2021 12:28:18 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM4OTlmOGItYzM5OS0yNDRjLWUxODctZGJmZGNkZTE4ODE0
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 6C06
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEH2T7SzVSg3gG35qulJ6te4&google_cver=1

23 B
172 B

34ms
32ms

Image
image/gif

184.31.88.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEH2T7SzVSg3gG35qulJ6te4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX4zZYLKUy3JfQVa05RkkOQa3t8nvb7Hdi2rg9HDTHNfLzPzEFLHvY8ugX9_VtITRnsbL9BDL9h-MKL9GGAcZJBa1k25ZiYt_4QkSlReWUNKrDA6ORH1uozye_C32RupLuErNwAR9Ouy6_Tt6fFk8T2JXOIUPOf4mJ-sOwySOJkiOX_794
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 18 Jun 2021 12:28:18 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEH2T7SzVSg3gG35qulJ6te4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6C06
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDQ4MDU1MjBmYmIyNzliNjZlMjRmODllNDRjNjdlNWFiYjNlNzU2MA==

170 B
188 B

33ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDQ4MDU1MjBmYmIyNzliNjZlMjRmODllNDRjNjdlNWFiYjNlNzU2MA==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDQ4MDU1MjBmYmIyNzliNjZlMjRmODllNDRjNjdlNWFiYjNlNzU2MA==
cache-control: max-age=0, no-cache, no-store
content-length: 197
expires: Fri, 18 Jun 2021 12:28:18 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame 124A 22 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcJzFbkaepUJWECo-VvmfpZrj7DRBu9I3JpcWEJJdhL5KmkN6XIONGhGyfbTizhgPs4jYaEy3-URphRuXvledqlbmMTkCMdsUS91f_sgHvhedox8x-OhKBTqrwl580_doxoqsVMSDvWRVXkHcbt1GoBAuz0Q&cry=1&dbm_d=AKAmf-Bbdyxp4JIrkBpVGKhuip-WckZBUb5tuXqouaoO6EmbC2v9Rm0FlKXJNaur-megVxcqJnZhaXiDjKCAeUDLVprCfrfTOgCSrjbTdCXAwO0HM_LLxztfOSRCEU3ecFJQkSEFDH0XuqdR0kbXElv9VWfbXBzCD5g4OFc72aF-fzdLOGC--DT2dfAfU79xSiRX48aQXqSlBcJ7raqLxkwd2HgwMMey9uGJLmNYR-tNLF7D0W0jVdvLRtGbvx5J2VhXMti3tkRQDsiXPvknuMAi6KCCaxVZDrAfLteNLF1pBAwVuzwl059c2v_YZIp9Jzk3XH5DJ0IVnLbbV21r1Z93W90OKXybBzmgBiBc9xADAY06u4CtMnA3Vza2sy-z6Y9F5_NJ6Cx_dweALrnrKtNTwvZKU2a3QjenLvU7q6aglhKEu6gEKgFngQ5HVWdQr5iWCAfpei9Ga--M0Ywf3WQ1F83Jr_-BiJrXKdC5oqMgW7Ix7x85H3CS8m5tYk-RZE7UYipcbHXpIfE-Uox8Fdkgei2ciwtpCyIx06be9ERDULJ7iHh_WhlXx6DP6NonB-nGeo4bh9onkxhF_6T8FLHTfVxqIfpHtAnsNEJyMmckeAvY1qAGllNJmTs72sLFuMTfI8pZsic5td0L2FTOVUnyU_IKLekiRwc2YvMRZZE4CbJAHarNVnRazHRgT69PyhEoyE-X6tspWvNH1sSbH1p4AbJP9FJ-t59cDZdHkWCeK840-w05HY5IrQarVZYq6JWfOyh8LGEA-rqM1Ff12lH1zx6nhGtMGwHrbW4n7c5U0E_9q6yRL4pPOjnVA-Kr-psC_qhs7X8viRPDj14_D3snmsRkpGXW2ggBo2pR1RWMHnIiPIIhhIXyjAFxJMn9I4XvEe40HxNtvLNLaO255QFli1lDjZYZD7bNAP9hJl-HjBox1R6M9JRsPRiWwnXnN-rL6heWL1_tvJGqXHZUAX3aGrDoRrWnWRf9OsWRPtHxCpxWWjyry-Q9wO4ZihwnQRIgQ3I9xkCD6pAf-0t-cOlmfTdvFZAcIZBX5sQc2r1PilIgsMj3z1Y8oXylTx4Lfati0VWRvOGpMb0MyIj4HeERJOphjNjxtMlCXkXfFNeIlYNJFffIB0nOs_4ghippKvdAKyyP8jxf4wnYsC6YPtScZZ7txz-7V3lKi_byvJO9corTxDIBxvKHkkMaI97DOkj6y1W9bRqv71g35XwdyYsja6kmWU-vovgcEnzbDffFKiWRfeZ0Ru34X1yuH6wmSCyaq3JA6HsgFlqmpjb0swu8e7_wJAILy2VThDql8HKx4R4H9hWyjkc6XRX6zjEUycYcAcaNpnvmYPFfnWFbYoM6DxcseY_eDpnjD3pC9ZLaoqWaWB7YQnNagQXE4m2XlfCvXz0glIKu4ZMUy-sRAjnjw8e6W-umhFOcmsD1IEPKY7VIyDlNj3vqoixSA9CcnMnGEwb1O2tqHKaw-TZSY4OafyEAnUeNnkZ5ru_x_LGYMolUfIOdmTDLs_S93u8zLOOIn83DxKyzNL5EyHqsDaP1QOWpSaYrdUdyFTdazfAe-dzNQBBaA4QkCsmCJVvgSxs7K5_cfFIw6Csfa68pFz8B1UYwRKamLwcrsNdMK9Bvo-cZ71OlzN2sNy71vrcjtphy9ZYxWMFr5c3qqUFnY--cKYZaY6vbQVjEkN9GgOXS26BppDNMHKQ5ONDzq2C6EudAFYe_VUhRZel-zuoQHj_R7xJ_fIY4zvvT5e45A_mrj6BXNLFHlloGUTfwNSPFys_Nv2GrPb-b1VrL8ZMeN7LJAswLa1c64WMxfUKlttVE6yNI1ir2j6lP-E9GtnZxtHphm-q3TUchlGpNgsEbluwH6IosvFlowbXQkASUyKQ3UzGzF7FUWRDZVgh6QVQYFarobV9NNRJwsCf6LLavNgyBQoi5vuHYiOLJWm_PHXogfpJ5B8IPk4tQT7DNpNvnYLMBScRhP6U2kf71r3UpgYMZF1UvLCU1ksNI-Pjt0Qp1x5i5JVkuLKbYFr6QbsQYdcilMXoQt1cy1L3iOJIq1hJMTFQ-voklh0tn3vbQOxfh2l5ZsakxPRHzBIhhDAMMLacIQeyZVj6spmfvbxKZGDtZGVkG3OwuWjkHvYvZJqw9_hyv75ZXRC2cOHp85CnDxDZcu2zBbmkmkknIwisjzKKD9TA3uKsAILTda-89zOEo1nANCpHNnFP0FmDRBwLgGOwrIRDnohrkpSEzvpRNyE4wtKiTumFklSo9ON7DLfwTrM7r5tER-sAlKCol-wttrj_imq9F556B4-qf3bXiHnugduMO9JiKVLWCbdepR58pnSBX5I_GQmVB-mz8siBKbvI_jNz5dQTeH-pZWLbLjAXGcx8s3suowFbFOw2PoQK4oPGPFw3lArZ1pmMHMcFMv991PftdfPRuDi4peZ9B7mblUECh9fh9MG0Avw_WXZqCekwfEKw0dRmNK7x8xHg3IYzf_alfHzA0-igG_j50Ii4sfx5WukPBbTYDOkz35IpYE-ZKtbXibp18i0CL5IkjGPQv33wbVZ0wjaG_GjgbUSN14YMFC0tJ5ttyWe-gT3u5pINHi9aeSLAr0NBG_kpHQEirxKpMRyf__XGnZlCQ1eE2i1s2jmHVsEjD3jBzBNHk3r8cUdpuq4M56i6F5ezaoSfqXPq2irsyxO5aaMtZhNc3lcjtOp6w_pFsSI5WWTbcbVBqSciS8_bIy1g0vSQ0UgdgQMrLvGuTBW_M8Yi_Z_Idbear_Ka-PiZaUjUEWeXN46P_FGcpdDjmp_KH03X2sRsUN5jcLace8pi7qsEcpSiZ1s-Yqv5T7E3QT9o02N6fgak98VxvfllDS-X7givgFr5fQBRguCF9ySnr8j87e60VOkXIy33-4mJcNoZwtKOvhVGfDbTdj90LpFKnK-ZZYxGnsEwx-d6iHk8MXffjFLx08obwroP80rvMZ8PLYexROCO2uOs_8kEoJgILnD6y2zd9RY7MC8byYnFNyByr4FR1-m27HdY1zhK1mlR7lPCA6rFHULKw5IDPFh6uA1TAhfASQ74eMhIs057fgIM2hzF1Z4VbAM1kW2dr6h9IJ0P3PjTj7PQHziV4kfsevtNKjB8YW-KSVEZJ&cid=CAASEuRomFgIMG-H3UTQX0QI11KJdw&rfl=1%2Chttps%253A%252F%252Fblip.fm%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8638
x-xss-protection: 0
server: cafe
etag: 15675381762197352129
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:24:34 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 124A 41 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:57:31 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 277F 22 KB
8 KB 6ms
5ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 18 Jun 2021 11:17:20 GMT
expires: Sat, 18 Jun 2022 11:17:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame 124A 11 KB
4 KB 38ms
13ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUUZ9YZHMYIG-DJGK3wO_kb-YDbXN-YNX_Ni5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9C3BN5dVlYaZdMe1ygYDdMDwAj_-JSZErwCeiSUkcKa6CMFVBR7hOzET31tq-Ch4oZpQ718l5MXMMF6Cf58twMgcjdH7CbxL5g-HoU3NchaQMHAfGCVtbwNlJyNUpz_MNlC8OHFnuT7-l7ZM-ZVr9YoZ0NKxW-5mEwfH_hUKhfZmDzRHXptAouDbJfl4JYrzH7rtLB0df0r1R3SMEnGOAQhAmAMFOP8aV_rcMuczynIpLy1dmADvcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRomFgIMG-H3UTQX0QI11KJdw%26sig%3DAOD64_3pqNWbRZUbht7VsS3mAAYzK7SYOQ%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-CLtm6CCjaiwOOd1iaaueWOGiBof0hnjPNns_UXJcnSA4YBmvOkvtE09mioyeWt99LbxXyd4Z6WOA70qd9GRKUjYIM2bDhXXPNTdpEKUJvc11IQdqSYVO3uW0uh4hzdbS4yidMidp666T6-4eGuwmtK9GnXMQ%26cry%3D1%26dbm_d%3DAKAmf-A_Cz1UVpLNAXI7BPmueUe7dKwr8ReoItpo4JpIaM3qkBsnHklznKoj_6zBephlHsinNsACN3WudavYovPFyimr-qY7VNKM7YUQo9H_FI-bH1-v81BByxFiaxne6aZmewc01NnWs9BVrKILos-k3VrXWuQECbCuXYk8E3-_YpwUOjkRRFDDH1aiBoD8B7mX20lLGWJFNz0Jp-77o_W_WL5_X0qOxKZyGrnUIg0iMUhZj9Ui4dqj-u5PojheK1ZrRD8PDfcf-wIkQufnT7fB6tMlGoWztTmNu9GNGEbRXhnVKN8Rcr9zIqrakDNu2mVrNbvqy-v8slN9r5SIkEXcWj63p4fnyw-t91HRvOey0vzh-SsgVLV-89B7vtfa-HUmPyUkMqDLave0JosMrYd71i4Xilqc6mzV985QLefkot9mywy8VgrN5N-gq1HsFZZCxcdOZVRZ%26adurl%3D
Requested by: Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 13926f48638052c04bbfc9072260f6dad5ef77b68932d2e0c62a58d25d6f4707

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3879
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK zy291edt4ui9 Show response
hal9000.redintelligence.net/zone/ Frame D6A2 11 KB
4 KB 38ms
13ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/zy291edt4ui9?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC99LXYZHMYIC-DJGK3wO_kb-YDbXN-YNXnNC5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9A17zZkCEyJp83c_GG0vzd5f9rXCREq1tiSpMKBd9e1iIxakPCtiC0MRCiix7vEPpySHuCDIn8yWJgPKA4eVOW2VscuapziSz8oM9PZkVurHcpZuX298UGNwM6pqm0d3zid5lxg4qfA2bn4vbdU4HkeNZ3CdV4jFqYyuthN6UK7J3lfwEBGk2CxwJFalZAPTuVRG18vGlUBtHhOZCsv_dLgXQv2_WbmFlM2_7t7ofrU8ROEeh4y18AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyyc-4Ngm_rAeGqFoGpS-1g%26sig%3DAOD64_3wbAOYuJkB-TJRJZs-23mRmeALVA%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-ALmnrjg3EChcu3rYOqa21AJ8JJaajajeTscFrfVOWEgTuUabfQ3t9ZvWgKBXpmwHy3bB-Vv094RjQ_9f5Lp0gp35uQa0pFMZVhdJmN4QeQQXMk0E95GqYTAzf8yqZtyGd9oAVlt3BWTagi1jIHScO1X7pSaQ%26cry%3D1%26dbm_d%3DAKAmf-Do_rduOZjcXl4o2-On5oaK9HxvihXdGkVQV3FvrXLunnGGNaND84ED8Nzx-dOfM-Vf9KNWN6zREHD5_JjYt3rpmMQk5L5rfFYaKC9kmW-1NLI_vmE2QjHFOkos--THEhfn18vpeGsYObCVZUMJ6cyFazEGHKkcM5FMZ5910f2LglU1o5YQUA07ecmimd3WD4Hj9rHyEK2tsjFJqdqKPjfFZr99dyncHmjfYh9cE-8ode4B3KkYIPXnFMqm7YRYkkcvON-0EqYYPsp_yO5EAAAIzaABrAaHn7GUrILDx0xxTA25aP4EdavHyeudzTzdfOIvjmvw0k1byqG-8rSz2HeR_jddg-0t2AaY5Qg_6MToGg5DHcM98FEzcOC8VD0eUkEScOxawiimweRXfPWyo2_LgCGxZmzqdjwlVK_S_Vl72Rvir2f8R9AXxNXl013AA2PXoDyj%26adurl%3D
Requested by: Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 5414e320459eedf093eab1584143fb84536ba68b57ec1f8a82eecf86409a5b09

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3879
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4619 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 18 Jun 2021 11:17:20 GMT
expires: Sat, 18 Jun 2022 11:17:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 248D 12 KB
5 KB 7ms
5ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blip.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 18 Jun 2021 11:41:29 GMT
expires: Sat, 18 Jun 2022 11:41:29 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4E75 783 B
533 B 33ms
32ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25bce8e58b57cec3ae1435b16fffb3e37588c91b252d111978ed38d8dc44c1c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YVevtHuF3Wt58S069f0I2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blip.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

expires: Fri, 18 Jun 2021 12:28:18 GMT
date: Fri, 18 Jun 2021 12:28:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-YVevtHuF3Wt58S069f0I2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response
pagead2.googlesyndication.com/bg/ Frame 277F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 10:56:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5759
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 10:56:27 GMT

GET
H3-29 200 RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4619 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 10:56:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5759
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 10:56:27 GMT

GET
H3-29 200 RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response
pagead2.googlesyndication.com/bg/ Frame 248D 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 10:56:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5759
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 10:56:27 GMT

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame 124A
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=22a9775553&subid=&uid=cdc1099377f4395e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=22a9775553&subid=&uid=cdc1099377f4395e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

95ms
73ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=22a9775553&subid=&uid=cdc1099377f4395e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUUZ9YZHMYIG-DJGK3wO_kb-YDbXN-YNX_Ni5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9C3BN5dVlYaZdMe1ygYDdMDwAj_-JSZErwCeiSUkcKa6CMFVBR7hOzET31tq-Ch4oZpQ718l5MXMMF6Cf58twMgcjdH7CbxL5g-HoU3NchaQMHAfGCVtbwNlJyNUpz_MNlC8OHFnuT7-l7ZM-ZVr9YoZ0NKxW-5mEwfH_hUKhfZmDzRHXptAouDbJfl4JYrzH7rtLB0df0r1R3SMEnGOAQhAmAMFOP8aV_rcMuczynIpLy1dmADvcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRomFgIMG-H3UTQX0QI11KJdw%26sig%3DAOD64_3pqNWbRZUbht7VsS3mAAYzK7SYOQ%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-CLtm6CCjaiwOOd1iaaueWOGiBof0hnjPNns_UXJcnSA4YBmvOkvtE09mioyeWt99LbxXyd4Z6WOA70qd9GRKUjYIM2bDhXXPNTdpEKUJvc11IQdqSYVO3uW0uh4hzdbS4yidMidp666T6-4eGuwmtK9GnXMQ%26cry%3D1%26dbm_d%3DAKAmf-A_Cz1UVpLNAXI7BPmueUe7dKwr8ReoItpo4JpIaM3qkBsnHklznKoj_6zBephlHsinNsACN3WudavYovPFyimr-qY7VNKM7YUQo9H_FI-bH1-v81BByxFiaxne6aZmewc01NnWs9BVrKILos-k3VrXWuQECbCuXYk8E3-_YpwUOjkRRFDDH1aiBoD8B7mX20lLGWJFNz0Jp-77o_W_WL5_X0qOxKZyGrnUIg0iMUhZj9Ui4dqj-u5PojheK1ZrRD8PDfcf-wIkQufnT7fB6tMlGoWztTmNu9GNGEbRXhnVKN8Rcr9zIqrakDNu2mVrNbvqy-v8slN9r5SIkEXcWj63p4fnyw-t91HRvOey0vzh-SsgVLV-89B7vtfa-HUmPyUkMqDLave0JosMrYd71i4Xilqc6mzV985QLefkot9mywy8VgrN5N-gq1HsFZZCxcdOZVRZ%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=3218406324541&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 14d113467a814df77b9924a30f277b7502ca63b101f0c8bd7288c23a90fa9e0f

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 10938000076989800710612011629008
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1280
Expires: Fri, 18 Jun 2021 13:28:18 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=22a9775553&subid=&uid=cdc1099377f4395e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUUZ9YZHMYIG-DJGK3wO_kb-YDbXN-YNX_Ni5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9C3BN5dVlYaZdMe1ygYDdMDwAj_-JSZErwCeiSUkcKa6CMFVBR7hOzET31tq-Ch4oZpQ718l5MXMMF6Cf58twMgcjdH7CbxL5g-HoU3NchaQMHAfGCVtbwNlJyNUpz_MNlC8OHFnuT7-l7ZM-ZVr9YoZ0NKxW-5mEwfH_hUKhfZmDzRHXptAouDbJfl4JYrzH7rtLB0df0r1R3SMEnGOAQhAmAMFOP8aV_rcMuczynIpLy1dmADvcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRomFgIMG-H3UTQX0QI11KJdw%26sig%3DAOD64_3pqNWbRZUbht7VsS3mAAYzK7SYOQ%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-CLtm6CCjaiwOOd1iaaueWOGiBof0hnjPNns_UXJcnSA4YBmvOkvtE09mioyeWt99LbxXyd4Z6WOA70qd9GRKUjYIM2bDhXXPNTdpEKUJvc11IQdqSYVO3uW0uh4hzdbS4yidMidp666T6-4eGuwmtK9GnXMQ%26cry%3D1%26dbm_d%3DAKAmf-A_Cz1UVpLNAXI7BPmueUe7dKwr8ReoItpo4JpIaM3qkBsnHklznKoj_6zBephlHsinNsACN3WudavYovPFyimr-qY7VNKM7YUQo9H_FI-bH1-v81BByxFiaxne6aZmewc01NnWs9BVrKILos-k3VrXWuQECbCuXYk8E3-_YpwUOjkRRFDDH1aiBoD8B7mX20lLGWJFNz0Jp-77o_W_WL5_X0qOxKZyGrnUIg0iMUhZj9Ui4dqj-u5PojheK1ZrRD8PDfcf-wIkQufnT7fB6tMlGoWztTmNu9GNGEbRXhnVKN8Rcr9zIqrakDNu2mVrNbvqy-v8slN9r5SIkEXcWj63p4fnyw-t91HRvOey0vzh-SsgVLV-89B7vtfa-HUmPyUkMqDLave0JosMrYd71i4Xilqc6mzV985QLefkot9mywy8VgrN5N-gq1HsFZZCxcdOZVRZ%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=3218406324541&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 18 Jun 2021 13:28:18 +0200

GET
H/1.1

200
OK

request.php Show response
hal900011.redintelligence.net/ Frame D6A2
Redirect Chain

https://hal900011.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=0f2c43d5b3&subid=&uid=b1013ebd0f8e8844&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900011.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=0f2c43d5b3&subid=&uid=b1013ebd0f8e8844&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

110ms
88ms

Script
application/x-javascript

138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=0f2c43d5b3&subid=&uid=b1013ebd0f8e8844&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC99LXYZHMYIC-DJGK3wO_kb-YDbXN-YNXnNC5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9A17zZkCEyJp83c_GG0vzd5f9rXCREq1tiSpMKBd9e1iIxakPCtiC0MRCiix7vEPpySHuCDIn8yWJgPKA4eVOW2VscuapziSz8oM9PZkVurHcpZuX298UGNwM6pqm0d3zid5lxg4qfA2bn4vbdU4HkeNZ3CdV4jFqYyuthN6UK7J3lfwEBGk2CxwJFalZAPTuVRG18vGlUBtHhOZCsv_dLgXQv2_WbmFlM2_7t7ofrU8ROEeh4y18AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyyc-4Ngm_rAeGqFoGpS-1g%26sig%3DAOD64_3wbAOYuJkB-TJRJZs-23mRmeALVA%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-ALmnrjg3EChcu3rYOqa21AJ8JJaajajeTscFrfVOWEgTuUabfQ3t9ZvWgKBXpmwHy3bB-Vv094RjQ_9f5Lp0gp35uQa0pFMZVhdJmN4QeQQXMk0E95GqYTAzf8yqZtyGd9oAVlt3BWTagi1jIHScO1X7pSaQ%26cry%3D1%26dbm_d%3DAKAmf-Do_rduOZjcXl4o2-On5oaK9HxvihXdGkVQV3FvrXLunnGGNaND84ED8Nzx-dOfM-Vf9KNWN6zREHD5_JjYt3rpmMQk5L5rfFYaKC9kmW-1NLI_vmE2QjHFOkos--THEhfn18vpeGsYObCVZUMJ6cyFazEGHKkcM5FMZ5910f2LglU1o5YQUA07ecmimd3WD4Hj9rHyEK2tsjFJqdqKPjfFZr99dyncHmjfYh9cE-8ode4B3KkYIPXnFMqm7YRYkkcvON-0EqYYPsp_yO5EAAAIzaABrAaHn7GUrILDx0xxTA25aP4EdavHyeudzTzdfOIvjmvw0k1byqG-8rSz2HeR_jddg-0t2AaY5Qg_6MToGg5DHcM98FEzcOC8VD0eUkEScOxawiimweRXfPWyo2_LgCGxZmzqdjwlVK_S_Vl72Rvir2f8R9AXxNXl013AA2PXoDyj%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=7801781657858&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: b35bb15fd7f2c8d5de0036441d06d0015278cce973a2f1511bfb2d10e3b82721

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 99989400100492400710632011629011
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 891
Expires: Fri, 18 Jun 2021 13:28:18 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=0f2c43d5b3&subid=&uid=b1013ebd0f8e8844&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC99LXYZHMYIC-DJGK3wO_kb-YDbXN-YNXnNC5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9A17zZkCEyJp83c_GG0vzd5f9rXCREq1tiSpMKBd9e1iIxakPCtiC0MRCiix7vEPpySHuCDIn8yWJgPKA4eVOW2VscuapziSz8oM9PZkVurHcpZuX298UGNwM6pqm0d3zid5lxg4qfA2bn4vbdU4HkeNZ3CdV4jFqYyuthN6UK7J3lfwEBGk2CxwJFalZAPTuVRG18vGlUBtHhOZCsv_dLgXQv2_WbmFlM2_7t7ofrU8ROEeh4y18AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyyc-4Ngm_rAeGqFoGpS-1g%26sig%3DAOD64_3wbAOYuJkB-TJRJZs-23mRmeALVA%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-ALmnrjg3EChcu3rYOqa21AJ8JJaajajeTscFrfVOWEgTuUabfQ3t9ZvWgKBXpmwHy3bB-Vv094RjQ_9f5Lp0gp35uQa0pFMZVhdJmN4QeQQXMk0E95GqYTAzf8yqZtyGd9oAVlt3BWTagi1jIHScO1X7pSaQ%26cry%3D1%26dbm_d%3DAKAmf-Do_rduOZjcXl4o2-On5oaK9HxvihXdGkVQV3FvrXLunnGGNaND84ED8Nzx-dOfM-Vf9KNWN6zREHD5_JjYt3rpmMQk5L5rfFYaKC9kmW-1NLI_vmE2QjHFOkos--THEhfn18vpeGsYObCVZUMJ6cyFazEGHKkcM5FMZ5910f2LglU1o5YQUA07ecmimd3WD4Hj9rHyEK2tsjFJqdqKPjfFZr99dyncHmjfYh9cE-8ode4B3KkYIPXnFMqm7YRYkkcvON-0EqYYPsp_yO5EAAAIzaABrAaHn7GUrILDx0xxTA25aP4EdavHyeudzTzdfOIvjmvw0k1byqG-8rSz2HeR_jddg-0t2AaY5Qg_6MToGg5DHcM98FEzcOC8VD0eUkEScOxawiimweRXfPWyo2_LgCGxZmzqdjwlVK_S_Vl72Rvir2f8R9AXxNXl013AA2PXoDyj%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=7801781657858&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 18 Jun 2021 13:28:18 +0200

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 486A 77 B
162 B 16ms
15ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 18 Jun 2021 12:28:18 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 17ms
17ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 12:28:18 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 / Show response
adv.office-partner.de/ Frame AD77 930 B
1 KB 31ms
7ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=22a9775553&subid=&uid=cdc1099377f4395e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUUZ9YZHMYIG-DJGK3wO_kb-YDbXN-YNX_Ni5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9C3BN5dVlYaZdMe1ygYDdMDwAj_-JSZErwCeiSUkcKa6CMFVBR7hOzET31tq-Ch4oZpQ718l5MXMMF6Cf58twMgcjdH7CbxL5g-HoU3NchaQMHAfGCVtbwNlJyNUpz_MNlC8OHFnuT7-l7ZM-ZVr9YoZ0NKxW-5mEwfH_hUKhfZmDzRHXptAouDbJfl4JYrzH7rtLB0df0r1R3SMEnGOAQhAmAMFOP8aV_rcMuczynIpLy1dmADvcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRomFgIMG-H3UTQX0QI11KJdw%26sig%3DAOD64_3pqNWbRZUbht7VsS3mAAYzK7SYOQ%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-CLtm6CCjaiwOOd1iaaueWOGiBof0hnjPNns_UXJcnSA4YBmvOkvtE09mioyeWt99LbxXyd4Z6WOA70qd9GRKUjYIM2bDhXXPNTdpEKUJvc11IQdqSYVO3uW0uh4hzdbS4yidMidp666T6-4eGuwmtK9GnXMQ%26cry%3D1%26dbm_d%3DAKAmf-A_Cz1UVpLNAXI7BPmueUe7dKwr8ReoItpo4JpIaM3qkBsnHklznKoj_6zBephlHsinNsACN3WudavYovPFyimr-qY7VNKM7YUQo9H_FI-bH1-v81BByxFiaxne6aZmewc01NnWs9BVrKILos-k3VrXWuQECbCuXYk8E3-_YpwUOjkRRFDDH1aiBoD8B7mX20lLGWJFNz0Jp-77o_W_WL5_X0qOxKZyGrnUIg0iMUhZj9Ui4dqj-u5PojheK1ZrRD8PDfcf-wIkQufnT7fB6tMlGoWztTmNu9GNGEbRXhnVKN8Rcr9zIqrakDNu2mVrNbvqy-v8slN9r5SIkEXcWj63p4fnyw-t91HRvOey0vzh-SsgVLV-89B7vtfa-HUmPyUkMqDLave0JosMrYd71i4Xilqc6mzV985QLefkot9mywy8VgrN5N-gq1HsFZZCxcdOZVRZ%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=3218406324541&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

:method: GET
:authority: adv.office-partner.de
:scheme: https
:path: /?utm_source=webgains&utm_campaign=webgains
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Fri, 18 Jun 2021 12:28:18 GMT
content-type: text/html
content-length: 930
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16ba8ac4"
expires: Fri, 25 Jun 2021 12:28:18 GMT
cache-control: max-age=604800
link: <http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 124A 12 KB
12 KB 518ms
105ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=10938000076989800710612011629008&nw=1
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: e9e3c45036f94b5dd1a6635dbb06ba917ab249927e585e6446cb0774d5979784

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
Last-Modified: Fri, 18 Jun 2021 12:28:18 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 124A 12 KB
12 KB 507ms
94ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3432255&wgcampaignid=99582&js=1&nw=1&viewref=10938000076989800710612011629008
Requested by: Host: blip.fm
URL: https://blip.fm/bridgecase3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: ed769f6111ee6256ebb5f1f61a262a40c7182aa1f06bd086f50079bfc3659720

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
Last-Modified: Fri, 18 Jun 2021 12:28:18 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CKSyj6uXofECFSMdBgAdtT8Cbg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224 Show response
5994599.fls.doubleclick.net/ Frame 8A17
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKSyj6uXofECFSMdBgAdtT8Cbg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224?

391 B
346 B

40ms
25ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKSyj6uXofECFSMdBgAdtT8Cbg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224?

Requested by

Host: blip.fm
URL: https://blip.fm/bridgecase3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

fde5cb245c80bc9ab4750c438f6a6c8af1d58e7cc89b50d58bc3e22570a520b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKSyj6uXofECFSMdBgAdtT8Cbg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlhhjmNmCmTjCVhYp4x-TP6BpVSkRRsDWrOYOFIh7hWomccuhTUearD0p4P
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 18 Jun 2021 12:28:18 GMT
expires: Fri, 18 Jun 2021 12:28:18 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 18 Jun 2021 12:28:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKSyj6uXofECFSMdBgAdtT8Cbg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame D94D 7 KB
2 KB 33ms
11ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=10938000076989800710612011629008&a=27475c85
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=22a9775553&subid=&uid=cdc1099377f4395e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUUZ9YZHMYIG-DJGK3wO_kb-YDbXN-YNX_Ni5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9C3BN5dVlYaZdMe1ygYDdMDwAj_-JSZErwCeiSUkcKa6CMFVBR7hOzET31tq-Ch4oZpQ718l5MXMMF6Cf58twMgcjdH7CbxL5g-HoU3NchaQMHAfGCVtbwNlJyNUpz_MNlC8OHFnuT7-l7ZM-ZVr9YoZ0NKxW-5mEwfH_hUKhfZmDzRHXptAouDbJfl4JYrzH7rtLB0df0r1R3SMEnGOAQhAmAMFOP8aV_rcMuczynIpLy1dmADvcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRomFgIMG-H3UTQX0QI11KJdw%26sig%3DAOD64_3pqNWbRZUbht7VsS3mAAYzK7SYOQ%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-CLtm6CCjaiwOOd1iaaueWOGiBof0hnjPNns_UXJcnSA4YBmvOkvtE09mioyeWt99LbxXyd4Z6WOA70qd9GRKUjYIM2bDhXXPNTdpEKUJvc11IQdqSYVO3uW0uh4hzdbS4yidMidp666T6-4eGuwmtK9GnXMQ%26cry%3D1%26dbm_d%3DAKAmf-A_Cz1UVpLNAXI7BPmueUe7dKwr8ReoItpo4JpIaM3qkBsnHklznKoj_6zBephlHsinNsACN3WudavYovPFyimr-qY7VNKM7YUQo9H_FI-bH1-v81BByxFiaxne6aZmewc01NnWs9BVrKILos-k3VrXWuQECbCuXYk8E3-_YpwUOjkRRFDDH1aiBoD8B7mX20lLGWJFNz0Jp-77o_W_WL5_X0qOxKZyGrnUIg0iMUhZj9Ui4dqj-u5PojheK1ZrRD8PDfcf-wIkQufnT7fB6tMlGoWztTmNu9GNGEbRXhnVKN8Rcr9zIqrakDNu2mVrNbvqy-v8slN9r5SIkEXcWj63p4fnyw-t91HRvOey0vzh-SsgVLV-89B7vtfa-HUmPyUkMqDLave0JosMrYd71i4Xilqc6mzV985QLefkot9mywy8VgrN5N-gq1HsFZZCxcdOZVRZ%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=3218406324541&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 1b11d2606f7b822fb696a44967a5073c65156afa190064d355a0074f01a00c92

Request headers

Host: hal90008.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=0a8638e518a0f358
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/

Response headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 18 Jun 2021 13:28:18 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2049
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 124A 43 B
702 B 60ms
43ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2601049&v=18332&q=376776&r=296283&pref1=10938000076989800710612011629008&pv=1

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:18 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9243 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 18 Jun 2021 09:02:58 GMT
expires: Sat, 19 Jun 2021 09:02:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 12320
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 124A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad424799d35d4b41df396cf8dc64b406a5a06efb61c5b43101cf2325c8b3f4ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

activityi;dc_pre=COC7pauXofECFWQeBgAdu_YN8w;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501 Show response
5994599.fls.doubleclick.net/ Frame 6CCA
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501?
https://5994599.fls.doubleclick.net/activityi;dc_pre=COC7pauXofECFWQeBgAdu_YN8w;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501?

391 B
345 B

26ms
24ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=COC7pauXofECFWQeBgAdu_YN8w;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501?

Requested by

Host: blip.fm
URL: https://blip.fm/bridgecase3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

488be06784aa550eb7dab0afe194a915a6f3fe952096c9d6720f37494c5121ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COC7pauXofECFWQeBgAdu_YN8w;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlhhjmNmCmTjCVhYp4x-TP6BpVSkRRsDWrOYOFIh7hWomccuhTUearD0p4P
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 18 Jun 2021 12:28:18 GMT
expires: Fri, 18 Jun 2021 12:28:18 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 18 Jun 2021 12:28:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=COC7pauXofECFWQeBgAdu_YN8w;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900011.redintelligence.net/ Frame FCE5 4 KB
2 KB 34ms
12ms Document
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=99989400100492400710632011629011&a=c1f0df2c
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=0f2c43d5b3&subid=&uid=b1013ebd0f8e8844&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC99LXYZHMYIC-DJGK3wO_kb-YDbXN-YNXnNC5q-UM8C4QASC1y4pGYJWCgICwB8gBCakC0oRSBH77sz6oAwGqBLgBT9A17zZkCEyJp83c_GG0vzd5f9rXCREq1tiSpMKBd9e1iIxakPCtiC0MRCiix7vEPpySHuCDIn8yWJgPKA4eVOW2VscuapziSz8oM9PZkVurHcpZuX298UGNwM6pqm0d3zid5lxg4qfA2bn4vbdU4HkeNZ3CdV4jFqYyuthN6UK7J3lfwEBGk2CxwJFalZAPTuVRG18vGlUBtHhOZCsv_dLgXQv2_WbmFlM2_7t7ofrU8ROEeh4y18AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoyyc-4Ngm_rAeGqFoGpS-1g%26sig%3DAOD64_3wbAOYuJkB-TJRJZs-23mRmeALVA%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-ALmnrjg3EChcu3rYOqa21AJ8JJaajajeTscFrfVOWEgTuUabfQ3t9ZvWgKBXpmwHy3bB-Vv094RjQ_9f5Lp0gp35uQa0pFMZVhdJmN4QeQQXMk0E95GqYTAzf8yqZtyGd9oAVlt3BWTagi1jIHScO1X7pSaQ%26cry%3D1%26dbm_d%3DAKAmf-Do_rduOZjcXl4o2-On5oaK9HxvihXdGkVQV3FvrXLunnGGNaND84ED8Nzx-dOfM-Vf9KNWN6zREHD5_JjYt3rpmMQk5L5rfFYaKC9kmW-1NLI_vmE2QjHFOkos--THEhfn18vpeGsYObCVZUMJ6cyFazEGHKkcM5FMZ5910f2LglU1o5YQUA07ecmimd3WD4Hj9rHyEK2tsjFJqdqKPjfFZr99dyncHmjfYh9cE-8ode4B3KkYIPXnFMqm7YRYkkcvON-0EqYYPsp_yO5EAAAIzaABrAaHn7GUrILDx0xxTA25aP4EdavHyeudzTzdfOIvjmvw0k1byqG-8rSz2HeR_jddg-0t2AaY5Qg_6MToGg5DHcM98FEzcOC8VD0eUkEScOxawiimweRXfPWyo2_LgCGxZmzqdjwlVK_S_Vl72Rvir2f8R9AXxNXl013AA2PXoDyj%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=7801781657858&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 99da2db4439f3f4400d3acd3000190e0835b8a7437e1cfb94741ae9f144cef37

Request headers

Host: hal900011.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=0a8638e518a0f358
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/

Response headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 18 Jun 2021 13:28:18 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1494
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0F37 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 18 Jun 2021 09:02:58 GMT
expires: Sat, 19 Jun 2021 09:02:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 12320
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D6A2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6ca5f20d4fd2e47eadffc46ee281009d54938926c49b25a444ce053b58d3182

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 277F 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bg65nYpHMYOGuAY-Lx_APtum9kAEAAAAAOAHgBAI&bg=!AgGlAUXNAAZktE7iZLQ7ACkAdvg8WtEcghPsX_atM8Qvhe4mZaJKO6VG_1s2NS_8P8-kAiVgM8jkHwIAAAGVUgAAAApoAQcKAL4ZdSq-L6coJ2-pvxqm6xkhClVyD1bdD-Tu4sZiJizozJH7Ilq-KvY9t9ifSSs1rKopdNzMAI1K8-_ZW2cbshTfUiq__buatPLxqEcogZ5KvHJvxIqg3doO1CD2ZbsraAvEDDAagc1pKk9K5jPp-Q2ZR8i4l5sYDapSXWIWFtDCxXiZRphPnFh49jxMSMos51ZdWBXMNtUylkmJPz9E9UrZiI4ozEKFNdqFi0A7KGaYzhdXxDRvjkoEgKhViyKSmQLJGYgaA4zE5ZoghaEbVDGSBNAjJ6bltODEfbKQochViHegZ0cC4TbyA-S-V44u7GRFds6ZRiU5jHNFWD16Q92ywe5ahgnenWESvLD3wTiaCbOKuER7R6TpJPpsAjUecAjH5kHejhc-tLShuBMqOyafBb5pYxZwv_cjd6vhDszm4SFYMaxqQOiM2lqlOpGxxosPtT6s3KGxPCY7tlOLoUA5dn3bvaBMslq5qNJ3dqgi5tkROidErbngr6Z5QCfjbankbCMsnCFIqNsIyRPehPqBaRdPHdUCN-87BFe11Hgc5hM_2yz1evM7RZLv1GZ37qtOLWVVvnNg7qk6cbmiC-LUnnzD9emV1xRR0-FqxxhfnqDz14P6ldKb3lX5pIyHJqs3uKZWUnouF67nSfG4QkuZwopUHsUJPlc6XkHFDLXcWQkOL9orI9hQuanwbCxSnufkUVyWI12Dw7ihjtHqMNYIz-T0z39750Bj5_mvalnW5EQ8KpvqwCOrljtf3dpx6BYfCxkmxxKs32OwxKUNVlxzdBfjlqfmRGP0XqFM-o9CqnUTsZla2hx-F0uXBbGQp7l55kshT-fQV6wthh9jSv5CH3r4wPZhoo0zJPZ3Y155yh0YlvFqX509LGfXfTm1uq7kMaNzAZM5BOZ6ODbBeXERJImn-pjcBIxVLUZ7YMGpnhJwhBhOvxEhW6XcobhfTLIZqGdzOgZzoDc0JCe4ta2GJlqcdyZ3gnrH9YH-gkRjxzXL4CIWb-QKPjKRVufmT_vAk9Nx6CbGMrhjUddE4QYEC4bycUKpKHAFRn1r1EHCJphfdDY8TOmpz-E_nU7i2fjfy6aMGyryO9ymiXkS2rWxaFdDWiff99RfIcTRScB9lemwSTCoiD67yFrgPq1RFt3wIyHBa3e5W4bCBokcWzQeJW8aV1aQLSqtRnIKMnQ97YmzNmt_lC8dU-s

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 15C2 28 B
62 B 19ms
19ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da9443d1/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
X-YouTube-Client-Version: 1.20210616.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtkaTYxcURoN2NtbyjgorKGBg%3D%3D
X-YouTube-Ad-Signals: dt=1624019296471&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C270&vis=1&wgl=true&ca_type=image&bid=ANyPxKqpRgPG4y3GoUdnSBaQb0Fq9CEuOVIDrVUfe-zPiJY4pSHDyv1-W7rrbKtcTVocS_jj0Yj0SoOzVqcPkFhZCj5pw8Az2Q

Response headers

date: Fri, 18 Jun 2021 12:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:28:18 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4619 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFFMSYpHMYMXUAaeE3gPB_Z2QDQAAAAA4AeAEAg&bg=!zs2lzYnNAAZktE7iZLQ7ACkAdvg8WueUvpv2_YsSVcdPceB7pN5bVczjRYgYs_sf5ukTNUuZ-mXHcQIAAAGEUgAAAA1oAQcKAEkWnr7Q5KOsmhT5r6rq9NCKuQZnUw7JHpG8J1iBloG6Ksq78WfWqUBU4ZT5-V3xGqfzZlfRptNvA2ScxCqkYNh6Kmk40apDAGO0mQLClJwoQJGX2y2mfSy1XXn9ziLQGfhCgMiinTSFLByFN1-Z0P89jfhmHsliDL08tfY-z9mi0SUpDAFdD5iOHJOSz9-ayfPzIAxNy4oFqI0TdZJd5MbxkdYQQH_SyEq71SRATuLveqXj2x5Jiopy3slnQI9NMr_yfW08jIhhKEhTbT9OSdmarjX_sSftymhomrqGMtxmnd09aV74IZ8W2UvITtkBIblX9xKqHbbYny4BfrjqZ2dPkyH9efg3cwdTmwzT3qzSFdFieuwP2IIf4bNTo1QrneGjZ5HJLB1mAEZT-11zjF8q8o5pfFkJv7Jk-rEJech0PDn0425K3ECcbJSzgjyfvr7LNqKhJyIT5okwM6yewKbpT7DFXsNXCI9ne9YF4rb1W4b2T40DH_3LJZ1cKqd-AjgApJIlAMsOIdIRebv1rQrAfTv2FdCLJKcJk0FkRY7xfUcs2YlbCm1jOzmYZaKvXlgZiBUFV26qanqtY2nbyHzRELu_TSQcwGtUVWyLquY3YGOjP-9vVj06EhBTp9NZIafim8_Ekma0pvM5o_WQvnGOG7kOOczttpCIJ54EqCULKnxQEbJHRTVdryEHprkw_ofL9O2qNQ3XJTalSlzM_xltXwWzkCYvJ92NoEccLmIm_MCAOAWpGtVHY2SRAt_NT6CQfmNT6XvQsruliPGCZjev6b_N1cbQDLv6ls6qvAbLquU0nkyEDtZKdpKaaskHwtNyo4YFu7-6Lh84Abjee422ukGwU81Lm-H28RiUFRiuk5n6hdiyUKz9yB373hYsoYfiNIi_3gri-eZ1GQx9MCeZy2_CES54r71T3qXIGCxbTSTR6vlJv_j4dGcJFuh4iJAM-aYE4PwGC_VS7QIgzChXsiahY_1pv2yo_H5qh-JdzpDdNSnTfS2P9COUFkPpzksJM01i6kQnCTlc9a_h1Q

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061503&jk=1260892244065369&bg=!KimlKW3NAAZktE7iZLQ7ACkAdvg8Wq2hRBXYyoKa4snQMF1meKiieojTu9oA2S2FVYLjEgT9_BmJDAIAAAF2UgAAAA1oAQcKAGoIPw21TlvBDntMpDjeMaCp3TwwU4-D_QKD27y4F-ZuF5SJv-4m92GWGxCW1Z2wdbLrOn2_dKLrGS1wqgfoorhhz8NexTrPabOxFq7qQvfPTSlD3XJfSNA8AF-3VPFJ1cBc4RZnm5uQ4ZuRmQJnYdaadheoBAGAjO_JLzVxhrPn4USXWxFedXt8HoNDQkUUxn3qd-2qEp8dzkNgpB70pzWKodIIN1En5Dt5RYp_lfL1sk_hGfU6xfBTpuxW-yAXP3yhyzTVyElRuw6LdjZyy2ab4GrfMMhJQ8mzpjreXw_uaT4rK5R8QRTc8omtLA5EsZ4vGwJg8fKotxcPaDE8NHxHbOKdyFB8Pgv6jO_7a34n0_ZKytDuOh_t6hQps8FVG7FlOnf1dFKsV0Fok5B6asr-qUFX2xUX9NEJ3HtwTY7EmmVmAAlLA1B7VSA71RjdknUziTqG6Z6P6LX1YJ684RXk34POheVEaXfMMXalfx3RKQTQdoUMlnUoQmrrFkTi6D_-TYebMVnOEYqe0SS_ns02vZJbBcS-UQoZtxyRO26ARP0WuSh_dW82bRhk2yuObFDv6SfpaTmd95s7aId8dkPOfM4yXFPby-ANlAUzIZ2m3cRQmRd4OM3iwixOjUb7-gwKBFwuxhxiMka4XLKPvJ4jFH1bkW-t7UWngt_nH8OVjycAvGTVV_pWEst-P66kRUUfRzW92VZsHpKADpPlCU69dwndje2vMaeUadSm7ntDYrCzzanIOkq8-wWdm5MFjgoR_237dn-j4IRx7mRM1FI8rsLa-lRuWYp4trxyAXH7Ly-q91sUu2cxJsBKMMMcoZJSeoBOodAOO0L3VS7vvdT43neNHU8uJwZrxn6Rf6aH0xlOaa5AwKJWZtNelGsAU8Aj_LULa07hzhSLXO3GunwKBLjzal0VJ3ipL7-MyooZc4bCzcUNDfgifpBjPRS8ZXvwvFTL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 486A 77 B
162 B 17ms
17ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 18 Jun 2021 12:28:18 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 17ms
16ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 12:28:18 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame AD77 83 KB
32 KB 34ms
15ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79c5a4ccfe2dd8daaf8569491f817647ae3dd431c60979b6bc9e97bcfdac155c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32748
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Jun 2021 12:28:18 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame D94D 1 KB
418 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=10938000076989800710612011629008&a=27475c85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d14552be6ee4946f37aab45221783569a7de93bf04647d430d36102b4dcd748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 12:25:48 GMT
server: ESF
date: Fri, 18 Jun 2021 12:28:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 12:28:18 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D94D 16 KB
16 KB 35ms
13ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=10938000076989800710612011629008&a=27475c85
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 11a5bbca810a22a80f83b603a213cc7875ee571ed06d7ca35993dd924086967d

Request headers

Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16531
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D94D 15 KB
15 KB 43ms
17ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=10938000076989800710612011629008&a=27475c85
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 0331c8ddf7e2e4c563865e009ffd9f677a617a3cf444ce15d7282bfc45d7f0a9

Request headers

Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15250
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D94D 15 KB
15 KB 39ms
12ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/paninishop-games-banner-1200x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=10938000076989800710612011629008&a=27475c85
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 2341f1540d4f5fb1cd9fafd9b0f6046e3c7ccdf8d34cd755491afc43d044ca42

Request headers

Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15415
Vary: Accept-Encoding
Content-Type: image/png

GET /
google2waycm.netmng.com/cm/ Frame 9243 0
0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 9243
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEObjtKgrMRHumPcT9LqnV5Y&google_cver=1&google_push=AYg5qPJFrZa4Sl2bE3HCxBLrD9V2kyItjKvKEDuFSOljFGLCkf_-JlT7BviC_39U4Smvf-7RyK5isoA2Fv81YFNsvXL9dErxuBux&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEObjtKgrMRHumPcT9LqnV5Y&google_cver=1&google_push=AYg5qPJFrZa4Sl2bE3HCxBLrD9V2kyItjKvKEDuFSOljFGLCkf_-JlT7BviC_39U4Smvf-7RyK5isoA2Fv81YFNsvXL9dErxuBu...

43 B
450 B

190ms
188ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEObjtKgrMRHumPcT9LqnV5Y&google_cver=1&google_push=AYg5qPJFrZa4Sl2bE3HCxBLrD9V2kyItjKvKEDuFSOljFGLCkf_-JlT7BviC_39U4Smvf-7RyK5isoA2Fv81YFNsvXL9dErxuBux&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJFrZa4Sl2bE3HCxBLrD9V2kyItjKvKEDuFSOljFGLCkf_-JlT7BviC_39U4Smvf-7RyK5isoA2Fv81YFNsvXL9dErxuBux%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:19 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6614844ae9da974e-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
cf-request-id: 0ac0b102d40000974e4ea97000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:19 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 115
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 661484498948974e-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEObjtKgrMRHumPcT9LqnV5Y&google_cver=1&google_push=AYg5qPJFrZa4Sl2bE3HCxBLrD9V2kyItjKvKEDuFSOljFGLCkf_-JlT7BviC_39U4Smvf-7RyK5isoA2Fv81YFNsvXL9dErxuBux&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJFrZa4Sl2bE3HCxBLrD9V2kyItjKvKEDuFSOljFGLCkf_-JlT7BviC_39U4Smvf-7RyK5isoA2Fv81YFNsvXL9dErxuBux%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac0b101f70000974e2d9c4000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9243 0
136 B 42ms
18ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPuGaiojmkWeac4mhSDxuSg&google_cver=1&google_push=AYg5qPI-YJivPctS2l7tKJxJqLqLkiJRAGrjuIV3LvvjvruEj11r3iMYfNGAMXF-QgCbHn_w1l-1-gSLecGX2psu-j1xiSTi98f9
Requested by: Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:18 GMT
via: 1.1 google
alt-svc: clear

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9243
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESELynAFuidVI6jNlfY-LJlu4&google_cver=1&google_push=AYg5qPKF2E1Ro9SSpSaJa4AXXhnYH9vC4iYzWBZ3ydifjaN0H9-fpsONNsGI4UWgJEwBBZlj3oKYg0dWj4ekcoNJ3nGNAx3RNk0O
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKF2E1Ro9SSpSaJa4AXXhnYH9vC4iYzWBZ3ydifjaN0H9-fpsONNsGI4UWgJEwBBZlj3oKYg0dWj4ekcoNJ3nGNAx3RNk0O&google_hm=kLDGfaNow8YSE83z1Bp8zg==

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKF2E1Ro9SSpSaJa4AXXhnYH9vC4iYzWBZ3ydifjaN0H9-fpsONNsGI4UWgJEwBBZlj3oKYg0dWj4ekcoNJ3nGNAx3RNk0O&google_hm=kLDGfaNow8YSE83z1Bp8zg==

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKF2E1Ro9SSpSaJa4AXXhnYH9vC4iYzWBZ3ydifjaN0H9-fpsONNsGI4UWgJEwBBZlj3oKYg0dWj4ekcoNJ3nGNAx3RNk0O&google_hm=kLDGfaNow8YSE83z1Bp8zg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 6usthorar09a1ovkbnf23t6b9b2d930f

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9243
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGCHIGhDuPL4E7vP0Edu_WA&google_cver=1&google_push=AYg5qPJiC12Lc2tYymEWANxv-OYZRlgxMPKNd2_UKzgliGL5qD55eQEhlJVJKhs4IIllbivT6_DwuLuunVa1J0AZ...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJiC12Lc2tYymEWANxv-OYZRlgxMPKNd2_UKzgliGL5qD55eQEhlJVJKhs4IIllbivT6_DwuLuunVa1J0AZL9FzcRssbcQ

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJiC12Lc2tYymEWANxv-OYZRlgxMPKNd2_UKzgliGL5qD55eQEhlJVJKhs4IIllbivT6_DwuLuunVa1J0AZL9FzcRssbcQ

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 18 Jun 2021 12:28:18 GMT
via: 1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJiC12Lc2tYymEWANxv-OYZRlgxMPKNd2_UKzgliGL5qD55eQEhlJVJKhs4IIllbivT6_DwuLuunVa1J0AZL9FzcRssbcQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: hdBl3xpMsIMjFVjfxqHJ_pUzhHZeA2Uh9nPg6rGAYvln2iZnXSK74w==

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9243
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFU9qBHe4MZ94jFgbrKqg-4&google_cver=1&google_push=AYg5qPJXf1mLo3P4_gOlrOFc_egEiH_kSYmZe8Qfj0vi3MdxhTkNj9Jk...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFU9qBHe4MZ94jFgbrKqg-4&google_cver=1&google_push=AYg5qPJXf1mLo3P4_gOlrOFc_egEiH_kSYmZe8Qfj0vi3MdxhTkNj9Jk...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFU9qBHe4MZ94jFgbrKqg-4&google_cver=1&google_push=AYg5qPJXf1mLo3P4_gOlrOFc_egEiH_kSYmZe8Qfj0vi3MdxhTkNj9...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhOWE1MWQwYy1kMDMwLTExZWItYjAwNi0wMjE5N2Y2YjRkMzA%3D&google_push=AYg5qPJXf1mLo3P4_gOlrOFc_egEiH_kSYmZe8Qfj0vi3MdxhTkNj9Jk0yKUZacZ-Q...

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhOWE1MWQwYy1kMDMwLTExZWItYjAwNi0wMjE5N2Y2YjRkMzA%3D&google_push=AYg5qPJXf1mLo3P4_gOlrOFc_egEiH_kSYmZe8Qfj0vi3MdxhTkNj9Jk0yKUZacZ-QdHW4pMetloTg6EsY-fLeBJVSPisi-BCH32Fw

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhOWE1MWQwYy1kMDMwLTExZWItYjAwNi0wMjE5N2Y2YjRkMzA%3D&google_push=AYg5qPJXf1mLo3P4_gOlrOFc_egEiH_kSYmZe8Qfj0vi3MdxhTkNj9Jk0yKUZacZ-QdHW4pMetloTg6EsY-fLeBJVSPisi-BCH32Fw
Connection: keep-alive
Content-Length: 0

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 9243 43 B
413 B 41ms
16ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEBpkA-_u0Id_D0dYN4MXGoc&google_cver=1&google_push=AYg5qPLEce6eYH2Nsr506wHsn8eYZzSQxxjttNbWvt7mM3wfYRB09eycMQHprJV0Y21viqrJJs4dGRkIUZT-Kw_aTWhv6dnuhRXF

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 19 Jun 2021 12:28:18 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 9243 0
12 B 18ms
16ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LK64nmemvGw9W23CPlpo91aWofye_S-Vd19Gx42w0GM70JiEjJX46sqPRuyPdkmhE1tkgGJvY

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 dc_pre=CKSyj6uXofECFSMdBgAdtT8Cbg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224
adservice.google.com/ddm/fls/z/ Frame 8A17 42 B
63 B 58ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKSyj6uXofECFSMdBgAdtT8Cbg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKSyj6uXofECFSMdBgAdtT8Cbg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3501768645118.224?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F37
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIC__cNDoq0Ot07RjOqo460&google_cver=1&google_push=AYg5qPLqbFwZGMzxVKtP-RPnKFbSrGFLiK0K5N34xvUPKzSNv-CE9rY-g7J1cRCcTpum1lg8faxSqkounuZ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLqbFwZGMzxVKtP-RPnKFbSrGFLiK0K5N34xvUPKzSNv-CE9rY-g7J1cRCcTpum1lg8faxSqkounuZUbMpsFs6psYvveXoV&google_hm=gaW71CQqR1q1FUpjxhbXV4s

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLqbFwZGMzxVKtP-RPnKFbSrGFLiK0K5N34xvUPKzSNv-CE9rY-g7J1cRCcTpum1lg8faxSqkounuZUbMpsFs6psYvveXoV&google_hm=gaW71CQqR1q1FUpjxhbXV4s

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLqbFwZGMzxVKtP-RPnKFbSrGFLiK0K5N34xvUPKzSNv-CE9rY-g7J1cRCcTpum1lg8faxSqkounuZUbMpsFs6psYvveXoV&google_hm=gaW71CQqR1q1FUpjxhbXV4s
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F37
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECOqI0iaaDsMwGxTEfPLmGA&google_cver=1&google_push=AYg5qPLyyiyDhB3S44Xkhg4Iy_qlXddT8TqJqVd3NEcMNPODDY2p2Yz-xJypVQ0jzQLtzclB7vJlUaZCQKTOOkf0...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=48JPtgiORRy_Yu59D8Z93A2&google_push=AYg5qPLyyiyDhB3S44Xkhg4Iy_qlXddT8TqJqVd3NEcMNPODDY2p2Yz-xJypVQ0jzQLtzclB7vJlUaZCQKTOOkf03IgWoN4WviK7

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=48JPtgiORRy_Yu59D8Z93A2&google_push=AYg5qPLyyiyDhB3S44Xkhg4Iy_qlXddT8TqJqVd3NEcMNPODDY2p2Yz-xJypVQ0jzQLtzclB7vJlUaZCQKTOOkf03IgWoN4WviK7

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 18 Jun 2021 12:28:18 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=48JPtgiORRy_Yu59D8Z93A2&google_push=AYg5qPLyyiyDhB3S44Xkhg4Iy_qlXddT8TqJqVd3NEcMNPODDY2p2Yz-xJypVQ0jzQLtzclB7vJlUaZCQKTOOkf03IgWoN4WviK7
x-host: tde-deliveryengine-production-84b97f78fc-xcl46
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F37
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SP0J9xVlSBiX4EL5ZzOmgA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SP0J9xVlSBiX4EL5ZzOmgA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI4Lv1v8zi48RtycIQS4e3UKvEVef42mvMdcTHkfjWyYhSQwHUC68F0T8m7S9i17sFWWUmwKQ662ZhA1isREcdwD4nEBCvq

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SP0J9xVlSBiX4EL5ZzOmgA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI4Lv1v8zi48RtycIQS4e3UKvEVef42mvMdcTHkfjWyYhSQwHUC68F0T8m7S9i17sFWWUmwKQ662ZhA1isREcdwD4nEBCvq
date: Fri, 18 Jun 2021 12:28:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F37
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELIc5I2o6mxdygrvInAGpc0&google_cver=1&google_push=AYg5qPJ3lCcah-bKoRvs4vEW-RZCYCRrqdSJ0OmM9ZgbL1GjLtvhkSmwh4WH5rIcDnmJ7c_kzc_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1EyQjVRVEQtSS1JWUNV&google_push=AYg5qPJ3lCcah-bKoRvs4vEW-RZCYCRrqdSJ0OmM9ZgbL1GjLtvhkSmwh4WH5rIcDnmJ7c_kzc_7oh-_FCT2LZe1hX67-5GZp--P

170 B
188 B

19ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1EyQjVRVEQtSS1JWUNV&google_push=AYg5qPJ3lCcah-bKoRvs4vEW-RZCYCRrqdSJ0OmM9ZgbL1GjLtvhkSmwh4WH5rIcDnmJ7c_kzc_7oh-_FCT2LZe1hX67-5GZp--P

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1EyQjVRVEQtSS1JWUNV&google_push=AYg5qPJ3lCcah-bKoRvs4vEW-RZCYCRrqdSJ0OmM9ZgbL1GjLtvhkSmwh4WH5rIcDnmJ7c_kzc_7oh-_FCT2LZe1hX67-5GZp--P
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F37
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGKWmUWuQ1t07IjdzVMXuxM&google_cver=1&google_push=AYg5qPJTQF6jBAV0F4ldLKUO93Nqs-WvZk3Gg1CJ9OpQAhjyCsS_u3qfAn-07lyRGukaTh9s8iT9sABlTwiPC-aCw...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGKWmUWuQ1t07IjdzVMXuxM&google_cver=1&google_push=AYg5qPJTQF6jBAV0F4ldLKUO93Nqs-WvZk3Gg1CJ9OpQAhjyCsS_u3qfAn-07lyRGukaTh9s8iT9sABlTwiPC-aCw...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJTQF6jBAV0F4ldLKUO93Nqs-WvZk3Gg1CJ9OpQAhjyCsS_u3qfAn-07lyRGukaTh9s8iT9sABlTwiPC-aCwp43MNliTZ1_&google_hm=d2e3e4ee2a86de1189ba1ddb

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJTQF6jBAV0F4ldLKUO93Nqs-WvZk3Gg1CJ9OpQAhjyCsS_u3qfAn-07lyRGukaTh9s8iT9sABlTwiPC-aCwp43MNliTZ1_&google_hm=d2e3e4ee2a86de1189ba1ddb

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJTQF6jBAV0F4ldLKUO93Nqs-WvZk3Gg1CJ9OpQAhjyCsS_u3qfAn-07lyRGukaTh9s8iT9sABlTwiPC-aCwp43MNliTZ1_&google_hm=d2e3e4ee2a86de1189ba1ddb
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F37
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.targeting.unrulymedia.com/csync/RX-7a1093fe-59af-47f9-b077-4482de7e6c77-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJ66FGQvGNyjM7vdxPJH...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ66FGQvGNyjM7vdxPJHD1cEG_WdINyTrzN9x4IVyRF980RncwAuT4CjfUZkL3Hjg1LnIu7R5LwO8VoGhfWUYRtIa7WbYpu&google_hm=A3oQk_5Zr0f5sHdEgt5-bHc

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ66FGQvGNyjM7vdxPJHD1cEG_WdINyTrzN9x4IVyRF980RncwAuT4CjfUZkL3Hjg1LnIu7R5LwO8VoGhfWUYRtIa7WbYpu&google_hm=A3oQk_5Zr0f5sHdEgt5-bHc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ66FGQvGNyjM7vdxPJHD1cEG_WdINyTrzN9x4IVyRF980RncwAuT4CjfUZkL3Hjg1LnIu7R5LwO8VoGhfWUYRtIa7WbYpu&google_hm=A3oQk_5Zr0f5sHdEgt5-bHc
date: Fri, 18 Jun 2021 12:28:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX7a1093fe59af47f9b0774482de7e6c77003
content-type: text/html

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0F37
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEN7Mv9ra2iqbzOPVEq71xKo&google_cver=1&google_push=AYg5qPJ_FPDz3_sg9lN9Cn9XKXPlxFX5NFoAxPHJhUIc-rVABfQGct5MzML7QD0YD9ubeO7W4N...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEN7Mv9ra2iqbzOPVEq71xKo&google_cver=1&google_push=AYg5qPJ_FPDz3_sg9lN9Cn9XKXPlxFX5NFoAxPHJhUIc-rVABfQGct5MzML7QD0YD9ubeO7W4N...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03bnJKYWxwRTJ1SE1XV182UGdZekp4eXJia2R1Q2Vma35B&google_push=AYg5qPJ_FPDz3_sg9lN9Cn9XKXPlxFX5NFoAxPHJhUIc-rVABfQGct5Mz...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03bnJKYWxwRTJ1SE1XV182UGdZekp4eXJia2R1Q2Vma35B&google_push=AYg5qPJ_FPDz3_sg9lN9Cn9XKXPlxFX5NFoAxPHJhUIc-rVABfQGct5MzML7QD0YD9ubeO7W4ND5yUlPVbpkBhAgTs4BVeSM_-nmbg

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03bnJKYWxwRTJ1SE1XV182UGdZekp4eXJia2R1Q2Vma35B&google_push=AYg5qPJ_FPDz3_sg9lN9Cn9XKXPlxFX5NFoAxPHJhUIc-rVABfQGct5MzML7QD0YD9ubeO7W4ND5yUlPVbpkBhAgTs4BVeSM_-nmbg
Connection: keep-alive
Content-Length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 0F37 0
12 B 16ms
15ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IK3vkfdtU3Db25Zxw74bBXkFDK3Jso2Kxq6SMQPOhRFWdtuKEl4IQxUTawe3qR7jDmQmZ6Uw

Requested by

Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame D94D 0
150 B 34ms
12ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=10938000076989800710612011629008&a=1df910d9&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=10938000076989800710612011629008&a=27475c85
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90008.redintelligence.net/request_content.php?s=10938000076989800710612011629008&a=27475c85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK DE-970x90.jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame FCE5 45 KB
45 KB 62ms
16ms Image
image/jpeg 88.99.65.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/DE-970x90.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=99989400100492400710632011629011&a=c1f0df2c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.65.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 111f89907f15880eac1cbb2d94d9ec4d166639db3a53ca75c11dd59a2887435d

Request headers

Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Last-Modified: Thu, 13 Apr 2017 09:13:45 GMT
Server: nginx
ETag: "58ef4149-b211"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 45585

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame FCE5 0
150 B 33ms
12ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=99989400100492400710632011629011&a=6b765683&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=99989400100492400710632011629011&a=c1f0df2c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900011.redintelligence.net/request_content.php?s=99989400100492400710632011629011&a=c1f0df2c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:18 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame FCE5 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 dc_pre=COC7pauXofECFWQeBgAdu_YN8w;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501
adservice.google.com/ddm/fls/z/ Frame 6CCA 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COC7pauXofECFWQeBgAdu_YN8w;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COC7pauXofECFWQeBgAdu_YN8w;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1143686545415.501?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 124A 60 KB
60 KB 339ms
72ms Script
application/javascript 65.9.77.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432255&wgcampaignid=99582&js=1&nw=1&viewref=10938000076989800710612011629008
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:18:56 GMT
via: 1.1 8da78542dac6b4328eb443200c30bbff.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 16:27:08 GMT
server: AmazonS3
age: 40164
etag: "4f1db9fdf90b4f2a5576501528dc54bc"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 61124
x-amz-cf-id: dmSJEUHJkG-HOBklPCXS3Db4JIGDPrO0V0hMgyQ2-cXY9DfQh0HFzQ==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 124A 79 B
374 B 344ms
33ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=7ta44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftckme1aUWv4bIyRLUnweYK8pMEmdIq_K1QZzCan_EyIxjAKnEIssuTTOUTyShJmVqZtpBSKxUC56MnGWpwoNSUC550ial.rIN90FH6OMQfq7MAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiey.25.ea.64ub9WJMSubuifwjMrgPuVr914VecL57GY5BNv_urfs.Aht&wgcookie=%7B%22wgifp268155%22%3A%5B%2299582%22%2C%22268155%22%2C%223432255%22%2C%22%22%2C%221624019298%22%2C%22https%253A%252F%252F7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com%252F%22%2C%22%22%2C%22%22%2C%221631795298%22%2C%2210938000076989800710612011629008%22%5D%7D&wgchecksum=cdeee8a44dc01bf4dbd5acbd50d7352c&userIP=5.180.62.139&doAffectv=1&wgtime=1624019298
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432255&wgcampaignid=99582&js=1&nw=1&viewref=10938000076989800710612011629008
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Jun 2021 12:28:19 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 124A 667 B
1 KB 1087ms
24ms Image
image/jpeg 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=88941200081179500710772011629025&wglinkid=3432255
Requested by: Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:19 GMT
Last-Modified: Fri, 18 Jun 2021 12:28:19 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Content-Length: 667
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 124A 79 B
374 B 1087ms
34ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=Fta44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftckme1aUWv4bIyRLUnweYK8pMEmdIq_K1QZzCan_EyIxjAKnEIssuTTOUTyShJmVqZtpBSKxUC56MnGWpwoNSUC550ial.rIN90FH6OMQfq9etQVD_DJhCizgzH_y3EjNpmVWN9dPBSpMk.Nk4Jk.sjJtJ9XvjJzKpU_uyxYMJ5tFFg4K1kl1BNlY6RjLxU..6j8&wgcookie=%7B%22wgifp7121%22%3A%5B%2299582%22%2C%227121%22%2C%222513135%22%2C%22%22%2C%221624019298%22%2C%22https%253A%252F%252F7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com%252F%22%2C%22%22%2C%22%22%2C%221631795298%22%2C%2210938000076989800710612011629008%22%5D%7D&wgchecksum=48fd19d12be7c76998a54f43158a609d&userIP=5.180.62.139&doAffectv=1&wgtime=1624019298
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=10938000076989800710612011629008&nw=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Jun 2021 12:28:19 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 124A 3 KB
3 KB 1077ms
23ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=12311100087341100710618011629005&wglinkid=2513135
Requested by: Host: 7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
URL: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 12:28:19 GMT
Last-Modified: Fri, 18 Jun 2021 12:28:19 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 124A 63 B
270 B 110ms
37ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=Fta44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftckme1aUWv4bIyRLUnweYK8pMEmdIq_K1QZzCan_EyIxjAKnEIssuTTOUTyShJmVqZtpBSKxUC56MnGWpwoNSUC550ial.rIN90FH6OMQgckQ_i.uJtHoqvynx9MsFyxYM914Ve_clrKU.0Y.KI.2XxI_FeAixIxMKyMhvqCSFQ_01kKJA237lY5BSmxQpw.El3
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Jun 2021 12:28:19 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 124A 63 B
270 B 111ms
38ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=Fta44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftckme1aUWv4bIyRLUnweYK8pMEmdIq_K1QZzCan_EyIxjAKnEIssuTTOUTyShJmVqZtpBSKxUC56MnGWpwoNSUC550ial.rIN90FH6OMQgckA_i.uJtHoqvynx9MsFyxYM914Ve_clrAU.0Y.KI.2XxI_FeAixIxMKyMhvqCSFQ_01kKJA237lY5BSmxQpw.1VL
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Jun 2021 12:28:19 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 486A 77 B
162 B 17ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 18 Jun 2021 12:28:18 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 16ms
16ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 12:28:18 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 124A 42 B
64 B 24ms
23ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdrLhMZ3MOnxBXN4UhzOYEbJvbPNgW0TWN8P9CBQOqeC_1VeN6YsETe28xASAxO-mLQfLlukIJ9KraNLESDURpVPp5WZAkzeQbOEmXil-_ZlZV&sai=AMfl-YT88oCBHDeNpyVACIskJz63BO1LuOQtGJNHxqARg8W6G0IjYz7nV3ix7svlh_xwkK4SZ9_XCU6erzN816X1yEssQ4WTZXfvYqz0jsUo8KOin7BG1jSZmm285d8&sig=Cg0ArKJSzOHy2bfboLm3EAE&cid=CAASEuRomFgIMG-H3UTQX0QI11KJdw&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3224969948&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624019297982&dlt=21&rpt=505&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D6A2 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqaEZRYxR9FaZfyWN7dR_YhkvF0ToiY5dPtjcXFCFRAfFENv0IOu0O7Lszv5DZKwqQL_G6aAWhadyXd2i2hG-Kyo3z042w8p1sJj6IEowr8wH9&sai=AMfl-YQIbEYVrh9Y2dEiMJ31f8YU0Upp5jMSmQWIcGxPVJcuQuyoX2dF6Mj2RjTEQnADkA47Gi8Mw7L44ZjAHhz-Uhqqdy7QAjDud8GRX3pO_6GFnWhiGkYU5QgM9A8&sig=Cg0ArKJSzK9ySn18sNsWEAE&cid=CAASEuRoyyc-4Ngm_rAeGqFoGpS-1g&id=lidar2&mcvt=1002&p=664,315,758,1285&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3076314635&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624019297980&dlt=19&rpt=534&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:28:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame D94D 0
150 B 33ms
11ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=10938000076989800710612011629008&a=1df910d9&vb=v
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=10938000076989800710612011629008&a=27475c85
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90008.redintelligence.net/request_content.php?s=10938000076989800710612011629008&a=27475c85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:20 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame FCE5 0
150 B 34ms
12ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=99989400100492400710632011629011&a=6b765683&vb=v
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=99989400100492400710632011629011&a=c1f0df2c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900011.redintelligence.net/request_content.php?s=99989400100492400710632011629011&a=c1f0df2c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:28:20 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 102ms
29ms Preflight 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Jun 2021 12:28:20 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 124A 16 B
232 B 73ms
73ms Fetch
application/json 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 18 Jun 2021 12:28:20 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame 124A 44 KB
45 KB 62ms
18ms Script
application/javascript 99.86.242.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-87.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:23:52 GMT
via: 1.1 ff42f0c276df6efb8ccff2182e6cfe91.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 39868
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: 0nxqmLBJ8SpFnjZmLwlArGCiyx6AvlXAON5XL9XteQBrWaIJcZMbRA==

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 124A 16 B
232 B 68ms
68ms Fetch
application/json 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 18 Jun 2021 12:28:20 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 102ms
29ms Preflight 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Jun 2021 12:28:20 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 124A 71 B
249 B 48ms
27ms Script
application/javascript 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1624019300112
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 357d6ae2ebd8020ab93fc6c378bb05b66495abc05a7cad1d19096678e266e1e2

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:20 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 4d3c7e1facdafdf80e00bfc637761b10
cache-control: private
content-length: 82

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 124A 71 B
167 B 55ms
34ms Script
application/javascript 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1624019300113
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 357d6ae2ebd8020ab93fc6c378bb05b66495abc05a7cad1d19096678e266e1e2

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:28:20 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: b73803ecb26e01fe453eeb9aae642a6d
cache-control: private
content-length: 82

GET
H2 200 track Show response
w-it.m-t.io/ Frame 124A 0
74 B 33ms
32ms Script
application/javascript 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=99582&clickId=7121_99582_1624019298804_3a501bf067&programId=7121&expiry=1631795298&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: 2524ed0af640c0519b757ab05f044482
server: Google Frontend
date: Fri, 18 Jun 2021 12:28:20 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 486A 77 B
162 B 16ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 18 Jun 2021 12:28:20 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 16ms
16ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 12:28:20 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 486A 77 B
162 B 17ms
17ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 18 Jun 2021 12:28:20 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 16ms
16ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 12:28:20 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 486A 77 B
162 B 16ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 18 Jun 2021 12:28:21 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 15ms
15ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 12:28:21 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=434bb5e4-3704-4b75-b36c-785a444462bd&u=https%3A%2F%2Fblip.fm%2Fbridgecase3

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEDqKgQpXu-mNXi6g9tBch3M&google_cver=1&google_push=AYg5qPKc_MtlxNkB1qv3gXZ_eOeghafNzEUW83LpB8Ck0ev15Z7K9lUEKPejLAM83iR9GK-sg0gyBpKuITgjEe2mjN5CDs2zg40q

Verdicts & Comments Add Verdict or Comment

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: cRWWcBlBsGs
.blip.fm/	1970-01-20 04:31:28	Name: __qca Value: P0-1927266807-1624019296323
.blip.fm/	1970-01-19 23:29:47	Name: __utmz Value: 171230451.1624019296.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.blip.fm/	1970-01-19 19:07:01	Name: __utmb Value: 171230451.1.10.1624019296
.blip.fm/	1969-12-31 23:59:59	Name: __utmc Value: 171230451
.blip.fm/	1970-01-19 19:06:59	Name: __utmt Value: 1
.youtube.com/	1970-01-19 23:26:11	Name: VISITOR_INFO1_LIVE Value: di61qDh7cmo
.blip.fm/	1970-01-20 12:38:11	Name: __utma Value: 171230451.1400390237.1624019296.1624019296.1624019296.1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.jsdelivr.net/npm/vue@2.x/dist/vue.js(Line 9099) Message: Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api	info	URL: https://cdn.jsdelivr.net/npm/vue@2.x/dist/vue.js(Line 9108) Message: You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html
console-api	error	URL: https://blip.fm/_/js/spotify-api.js(Line 158) Message: Failed to initialize player
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	error	URL: https://blip.fm/_/js/spotify-api.js(Line 163) Message: Authentication failed

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
7243f491dfd1ff125cdbf13397205ef5.safeframe.googlesyndication.com
a.tribalfusion.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics-wg.webgains.io
analytics.webgains.io
ap.lijit.com
api.spotify.com
api.webgains.io
apresolve.spotify.com
blip.fm
c.amazon-adsystem.com
cdn.ampproject.org
cdn.contentspread.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
d1uswytv6491xe.cloudfront.net
diapi.webgains.com
dsum-sec.casalemedia.com
empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900011.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
miro.medium.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
sdk.scdn.co
secure.quantserve.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.doubleclick.net
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
w-it.m-t.io
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
z.moatads.com
c.amazon-adsystem.com
google2waycm.netmng.com
104.111.239.217
104.75.88.126
13.32.11.130
13.32.5.125
138.201.63.150
138.201.64.38
142.250.185.134
142.250.185.66
142.250.186.162
144.76.238.55
18.156.0.31
18.197.99.6
184.31.88.106
185.33.221.53
185.64.189.115
2.18.234.21
2.18.235.40
213.19.147.44
216.52.2.19
2600:1901:0:524d::
2600:1901:1:c36::
2600:9000:2104:ba00:6:44e3:f8c0:93a1
2606:4700:7::a29f:9804
2606:4700::6810:125e
2606:4700::6810:5714
2606:4700::6812:d05
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2013
2a00:1450:4001:802::200a
2a00:1450:4001:803::2001
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9d
2a04:4e42:62::760
2a0b:4d07:101::1
34.96.105.8
35.186.193.173
35.186.253.211
35.190.0.66
35.244.159.8
46.236.13.147
52.219.96.56
54.163.233.121
54.73.127.151
65.9.77.72
65.9.77.81
69.173.144.139
81.29.72.47
88.99.65.215
99.86.242.87
0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4
016411539995971c9ff63223ab1f0928560e13539dd504986bfab4127e585a58
0331c8ddf7e2e4c563865e009ffd9f677a617a3cf444ce15d7282bfc45d7f0a9
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b3fd8d57c048b1bd2b0207d58bca55ef61bcbd3774411ae8e30ef75f60288e8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c31123fb368dcdd5f9295146f31ac5deabd0599eca46aed6cd23a569c43b606
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873
10985b0138ee107431b8118e0d8b2efa14439caf69807bf0bde75c96c578f018
111f89907f15880eac1cbb2d94d9ec4d166639db3a53ca75c11dd59a2887435d
11a5bbca810a22a80f83b603a213cc7875ee571ed06d7ca35993dd924086967d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13926f48638052c04bbfc9072260f6dad5ef77b68932d2e0c62a58d25d6f4707
14d113467a814df77b9924a30f277b7502ca63b101f0c8bd7288c23a90fa9e0f
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
17c3bd5b578cb7f4fccd1ad422794185e0c96b0c68a60756f4b1a72b674972c8
1b11d2606f7b822fb696a44967a5073c65156afa190064d355a0074f01a00c92
1d14552be6ee4946f37aab45221783569a7de93bf04647d430d36102b4dcd748
1e26892b2736c82171e10cf7325fdc8627423517c96f0e12877de14ed63e8b07
1feda3dc45dfdcb46ec8f8abdafc23f06d4e2d954a864ec9e9e61b857dc8d1e8
1fee0b34c67a3e22047b627896862289225552817e79f658ade465b28c7103e0
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2341f1540d4f5fb1cd9fafd9b0f6046e3c7ccdf8d34cd755491afc43d044ca42
25bce8e58b57cec3ae1435b16fffb3e37588c91b252d111978ed38d8dc44c1c0
28736ae300811b270d6100347bb2b5b8dff8ff467a06350ab938b82dcb3087e4
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ec10609795a41b8c8ba8c965f125eb0350cd308db31eaef176e25a8e297e184
319513d84c6b2e0aea8ec6401142ad600dce83d99a4d45cea9a884875f403265
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
357666c70339cf6a94535db39de633477890624b7c75ce0ce34d65b47af167f0
357d6ae2ebd8020ab93fc6c378bb05b66495abc05a7cad1d19096678e266e1e2
35e9144015046c3d25f20ddbd1f3036306891c441a18343c1d1e2da6ff3c2bd1
3799840e4c9f8f842d29bd32da3ca39fc7cb1f5adf069126c37c996434f64e41
3834faad744e53aa5f64ec5d70a1f18b1ee549b20cb2d6e60841783d2c1a3f05
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
396e92552e8ff284f6e204090bc222578d5a1a6ec0f92ccf31ed5978606784b4
3983c27985f9ae67aed69d7ca6a82a682a7095df30b8d8253014de0f4ee97427
3c00d50d6046dfc2e2a7de2a5a177d35e11b708fe9fc93f966c0d28a304ab485
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
406c57a14a5d49eef620685e6c14ba326cb9cedd532180d13994d9108c6fc15a
408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116
450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
488be06784aa550eb7dab0afe194a915a6f3fe952096c9d6720f37494c5121ba
4ac66c25615894c4154c349ff7a2d8501f46881622cd9c27f482424940f45a0c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6a2b0fd27801f153917af3d6558094fd0e76f7e08e21e78b45b0343362d3d6
4b6c4dd2186139cfe5da8627cbd85b7f54e8b4d84164a4f98af88427c6ebb5e0
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4d8fb34a348de04796d4c3345c6dd241140103619b8d2a5d915b6ec0574c7175
4db8af548255ad1270380918e096b18fddd5b984f95fd4862f18575f8267162f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51849fb8f2b161981d2a508c4e58503a0a752c6bbac592a742d92efdb1c378c6
5345a3bf0a85143d337b572e4cea04e8705eb606e47611d54a7c1e1f6242308a
5414e320459eedf093eab1584143fb84536ba68b57ec1f8a82eecf86409a5b09
5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0
655d2013c62900319a0da87ab51de91cf5432d6e119b7e8bd224389100b2931e
6744007e9eb762dee8e83109d992e739e0482ebbaf8c0f6ca3d6af439e267624
67f2b0a60f37796c436ea0d9f947a22cb196312a87705d10069b65acc2993f01
692ed6f5fb5ae582c77bad065c4cd169e718f52f05f47f4190e12c5405327f2b
69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
79c5a4ccfe2dd8daaf8569491f817647ae3dd431c60979b6bc9e97bcfdac155c
82e2d5fd2ae7a2dfb049133d30a1c14aa65ddacffd138a73921f2994766c3324
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8389ab2ff25b494852f8aa7c6972c69140ffb4f74ad5fb5f030d6ed3a1160359
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06
88c003ca3b8264aa64112d6c7ebe5a82011b6041c24460dbea7a31d3bfafee34
8cb700496eef9c259d7443bbb2acbba050df70c05219bfde16dd19d88e353af0
9585f9660d61236506d8fe0d442168949a866c238ee7fe8c5f32b0aec2b29d71
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
99da2db4439f3f4400d3acd3000190e0835b8a7437e1cfb94741ae9f144cef37
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa9d6f4897fb855de3fab48cdb325cbf5c8db30a043203313243db639d183aaf
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad424799d35d4b41df396cf8dc64b406a5a06efb61c5b43101cf2325c8b3f4ce
ae6e79fcd093e4a8968d1ebc25b12f74f12503794384e0de7598761261c01f70
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b35bb15fd7f2c8d5de0036441d06d0015278cce973a2f1511bfb2d10e3b82721
b3d07bd62da73385f67aa7d09c598bade0243347339334c81763124a803dbaf7
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
c04e372715cffbc60a3f59d89c6ba50bb9f8adbc36c2e75cbd155f4ae1a911e8
c0e57c534e7fce5e66fb419c269b97d436385a2c69b9f508edf480ef60dedf91
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9dde92c72995d2a5636d09ba649d73e9d000023bec4af5dd6f0faf51a9452c4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d6ca5f20d4fd2e47eadffc46ee281009d54938926c49b25a444ce053b58d3182
d770749019637859894001e3ce01057cc47b89c89f5afe98f1c6d0aaf9a4648d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dcfeb7fd9cb494c5385d6c63bc932380fbb727554a67d8280b4e9f984f6ca0bc
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
dec6a0b276c15b010acbbc7c201810712d7b9f7217308225174dfdeda5d4f6e0
e06a1c6ca9fbdcbab4b4282bbf1e2255ef607b00b457086855a0b2bc33faf7a6
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e4a54349dc54879fad8d1567c0dbaad10d67553f8d1c190f3939e46b434c6e9a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e6d76a2dedcc68e2317925b345474a47ee6294694ded93655ee3d69559a4a583
e9e3c45036f94b5dd1a6635dbb06ba917ab249927e585e6446cb0774d5979784
ed769f6111ee6256ebb5f1f61a262a40c7182aa1f06bd086f50079bfc3659720
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
fc6ec8de3d87d609bc36f08b8cfce273bb620c84e51ffb32d00cd957ac69d551
fc8423792df51446c8596b5222cb3588cb3809dc5deb21f194442211f9bc94c8
fde5cb245c80bc9ab4750c438f6a6c8af1d58e7cc89b50d58bc3e22570a520b4
ff7bf0e46bc638dc36c28fd98b218a1983bc2badd30cbed318de10c270f66ec1

blip.fm Open in urlscan Pro 54.163.233.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

192 Requests

99 %HTTPS

47 %IPv6

50 Domains

70 Subdomains

55 IPs

7 Countries

2938 kBTransfer

8286 kBSize

8 Cookies

2 Outgoing links

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

blip.fm Open in urlscan Pro
54.163.233.121 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

99 %
HTTPS

47 %
IPv6

50
Domains

70
Subdomains

55
IPs

7
Countries

2938 kB
Transfer

8286 kB
Size

8
Cookies

192 HTTP transactions
3 data transactions