babesinhairland.com Open in urlscan Pro
192.124.249.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Submission Tags: falconsandbox
Submission: On June 27 via api (June 27th 2021, 4:15:28 pm UTC) from US

Summary HTTP 771 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 80 IPs in 9 countries across 92 domains to perform 771 HTTP transactions. The main IP is 192.124.249.6, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is babesinhairland.com.

This is the only time babesinhairland.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32 70	192.124.249.6 192.124.249.6	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:8c00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:1901:0:3... 2600:1901:0:333a::	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2a7::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.77.9 65.9.77.9	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:5200:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.29.0.64 52.29.0.64	16509 (AMAZON-02) (AMAZON-02)
1	151.101.132.84 151.101.132.84	54113 (FASTLY) (FASTLY)
1 2	65.9.77.92 65.9.77.92	16509 (AMAZON-02) (AMAZON-02)
3	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
1 2	65.9.77.116 65.9.77.116	16509 (AMAZON-02) (AMAZON-02)
9	65.9.86.127 65.9.86.127	16509 (AMAZON-02) (AMAZON-02)
3 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f23... 2a03:2880:f234:1c5:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f23... 2a03:2880:f234:c5:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
8	35.186.236.140 35.186.236.140	15169 (GOOGLE) (GOOGLE)
51	2606:4700::68... 2606:4700::6812:fb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.77.126 65.9.77.126	16509 (AMAZON-02) (AMAZON-02)
1	199.232.80.84 199.232.80.84	54113 (FASTLY) (FASTLY)
13 18	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
7 7	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
2 2	54.170.210.188 54.170.210.188	16509 (AMAZON-02) (AMAZON-02)
15 15	185.29.133.208 185.29.133.208	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	69.169.86.38 69.169.86.38	29838 (AMC) (AMC)
7 10	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
7 8	51.89.21.10 51.89.21.10	16276 (OVH) (OVH)
1 1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
27 46	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
14	2a01:7e00:1::... 2a01:7e00:1::b24f:afb0	63949 (LINODE-AP...) (LINODE-AP Linode)
15 105	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
14	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
12	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.211.29.63 18.211.29.63	14618 (AMAZON-AES) (AMAZON-AES)
10 54	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
7	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9 17	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
7	52.72.175.147 52.72.175.147	14618 (AMAZON-AES) (AMAZON-AES)
7	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
7	52.17.188.230 52.17.188.230	16509 (AMAZON-02) (AMAZON-02)
37	52.208.210.171 52.208.210.171	16509 (AMAZON-02) (AMAZON-02)
9	3.123.167.229 3.123.167.229	16509 (AMAZON-02) (AMAZON-02)
23	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	18.158.188.139 18.158.188.139	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 3	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
4	34.246.229.148 34.246.229.148	16509 (AMAZON-02) (AMAZON-02)
15 31	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
19	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
10	34.205.51.230 34.205.51.230	14618 (AMAZON-AES) (AMAZON-AES)
8	67.202.110.22 67.202.110.22	32748 (STEADFAST) (STEADFAST)
2 2	3.122.38.187 3.122.38.187	16509 (AMAZON-02) (AMAZON-02)
4 4	51.75.15.106 51.75.15.106	16276 (OVH) (OVH)
10 10	3.125.99.7 3.125.99.7	16509 (AMAZON-02) (AMAZON-02)
10 20	34.246.39.97 34.246.39.97	16509 (AMAZON-02) (AMAZON-02)
9 10	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
10 10	37.157.2.235 37.157.2.235	198622 (ADFORM) (ADFORM)
5 21	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5 5	52.6.250.79 52.6.250.79	14618 (AMAZON-AES) (AMAZON-AES)
10 15	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
4 7	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
8 8	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
5	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
10 10	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
8 13	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
5 5	52.203.172.63 52.203.172.63	14618 (AMAZON-AES) (AMAZON-AES)
3 13	35.158.9.168 35.158.9.168	16509 (AMAZON-02) (AMAZON-02)
6 12	52.95.124.165 52.95.124.165	16509 (AMAZON-02) (AMAZON-02)
17 17	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
9 9	18.159.8.206 18.159.8.206	16509 (AMAZON-02) (AMAZON-02)
10 10	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
15 15	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
5	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
37	52.50.187.150 52.50.187.150	16509 (AMAZON-02) (AMAZON-02)
5	3.228.133.61 3.228.133.61	14618 (AMAZON-AES) (AMAZON-AES)
10 10	52.58.236.252 52.58.236.252	16509 (AMAZON-02) (AMAZON-02)
5 5	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
5 5	185.86.137.107 185.86.137.107	201081 (SMARTADSE...) (SMARTADSERVER)
5	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
5 5	202.241.208.56 202.241.208.56	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
6 6	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
3	3.124.126.155 3.124.126.155	16509 (AMAZON-02) (AMAZON-02)
3	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
771	80

70 192.124.249.6 (Menifee, United States) 32 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10006.sucuri.net

babesinhairland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:8c00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:333a:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2a7::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.9 (United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:5200:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.132.84 (Madrid, Spain)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.77.92 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.77.116 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.9.86.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f234:1c5:face:b00c:0:43fe (Dallas, United States)

ASN32934 (FACEBOOK, US)

scontent-dfw5-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f234:c5:face:b00c:0:43fe (Dallas, United States)

ASN32934 (FACEBOOK, US)

scontent-dfw5-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com

imps.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700::6812:fb0 (United States)

ASN13335 (CLOUDFLARENET, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.126 (United States)

ASN16509 (AMAZON-02, US)

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.80.84 (Marseille, France)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.208.103.128 (Dublin, Ireland) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:678:cb4:bbbb::13 (United Kingdom) 7 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.210.188 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.29.133.208 (United Kingdom) 15 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.38 (Cranford, United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.14.49 (Frankfurt am Main, Germany) 7 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.89.21.10 (London, United Kingdom) 7 redirects

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 142.250.74.194 (United States) 27 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a01:7e00:1::b24f:afb0 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)

ipwatch.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

105 72.251.249.14 (Amsterdam, Netherlands) 15 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.211.29.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 34.98.64.218 (Kansas City, United States) 10 redirects

ASN15169 (GOOGLE, US)

bloggernetwork-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 37.252.172.249 (Frankfurt am Main, Germany) 9 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.72.175.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

display.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.17.188.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-188-230.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.123.167.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cmp-cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.188.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-188-139.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.246.229.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-229-148.eu-west-1.compute.amazonaws.com

tags.researchnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 76.223.111.131 (United States) 15 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.205.51.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-51-230.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 67.202.110.22 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.38.187 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.15.106 (France) 4 redirects

ASN16276 (OVH, FR)

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.125.99.7 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 34.246.39.97 (Dublin, Ireland) 10 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 9 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.157.2.235 (Denmark) 10 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 35.244.159.8 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.6.250.79 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.111.242.53 (Frankfurt am Main, Germany) 10 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 154.59.122.79 (United States) 3 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.14 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 66.155.71.150 (Portsmouth, United Kingdom) 8 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 198.148.27.139 (New York, United States) 10 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 159.253.128.188 (Amsterdam, Netherlands) 8 redirects

ASN36351 (SOFTLAYER, US)

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.203.172.63 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-172-63.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.158.9.168 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.95.124.165 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.184.8.65 (Amsterdam, Netherlands) 17 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.159.8.206 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 193.0.160.128 (United States) 10 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 213.19.147.44 (United Kingdom) 15 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:110:c305::8000 (Dublin, Ireland) 4 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 52.50.187.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.228.133.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.58.236.252 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.45 (United Kingdom) 5 redirects

ASN26120 (RHYTHMONE, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.137.107 (France) 5 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 202.241.208.56 (Japan) 5 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.178.20.140 (France) 6 redirects

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.126.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

j.mrpdata.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

openx2-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
105	lijit.com 15 redirects ap.lijit.com ce.lijit.com	138 KB
77	openx.net 16 redirects bloggernetwork-d.openx.net us-u.openx.net eu-u.openx.net rtb.openx.net	19 KB
76	gumgum.com 1 redirects js.gumgum.com g2.gumgum.com rtb.gumgum.com	63 KB
70	babesinhairland.com 32 redirects babesinhairland.com	1 MB
58	doubleclick.net 28 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	202 KB
51	pinimg.com i.pinimg.com	1 MB
31	adsrvr.org match.adsrvr.org Failed data.adsrvr.org	11 KB
27	googlesyndication.com 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	128 KB
26	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com Failed	102 KB
25	monu.delivery monu.delivery imps.monu.delivery ipwatch.monu.delivery	159 KB
24	adnxs.com 13 redirects ib.adnxs.com secure.adnxs.com	21 KB
23	cookielaw.org cmp-cdn.cookielaw.org cdn.cookielaw.org	184 KB
21	amazon-adsystem.com ir-na.amazon-adsystem.com Failed c.amazon-adsystem.com aax-eu.amazon-adsystem.com	42 KB
20	bidr.io 10 redirects match.prod.bidr.io	10 KB
19	2mdn.net s0.2mdn.net	966 KB
19	yahoo.com 4 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com	9 KB
19	crwdcntrl.net 13 redirects tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	21 KB
17	creativecdn.com 17 redirects creativecdn.com	6 KB
17	bfmio.com display.bfmio.com sync.bfmio.com	9 KB
15	1rx.io 15 redirects sync.1rx.io	6 KB
15	owneriq.net 10 redirects px.owneriq.net	6 KB
15	33across.com ssc.33across.com ssc-cms.33across.com	4 KB
15	mathtag.com 15 redirects sync.mathtag.com	7 KB
13	bidswitch.net 3 redirects x.bidswitch.net	3 KB
13	simpli.fi 8 redirects um.simpli.fi	5 KB
12	360yield.com 12 redirects ice.360yield.com ad.360yield.com	4 KB
12	districtm.io dmx.districtm.io cdn.districtm.io	710 B
10	rfihub.com 10 redirects p.rfihub.com	7 KB
10	contextweb.com 10 redirects bh.contextweb.com	4 KB
10	rubiconproject.com pixel-eu.rubiconproject.com pixel-us-east.rubiconproject.com	2 KB
10	adform.net 10 redirects c1.adform.net	5 KB
10	quantserve.com 9 redirects pixel.quantserve.com	3 KB
10	w55c.net 10 redirects pm.w55c.net	7 KB
10	everesttech.net 7 redirects sync-tm.everesttech.net	2 KB
9	mfadsrvr.com 9 redirects rtb.mfadsrvr.com	5 KB
9	sharethrough.com btlr.sharethrough.com	1 KB
9	cdninstagram.com scontent-dfw5-2.cdninstagram.com scontent-dfw5-1.cdninstagram.com	2 MB
8	sitescout.com 8 redirects pixel-sync.sitescout.com	2 KB
8	id5-sync.com 7 redirects id5-sync.com	12 KB
8	turn.com 8 redirects d.turn.com ad.turn.com	3 KB
7	yieldmo.com ads.yieldmo.com	2 KB
7	sonobi.com apex.go.sonobi.com	5 KB
6	dyntrk.com 6 redirects gu.dyntrk.com	4 KB
6	casalemedia.com 3 redirects as-sec.casalemedia.com dsum-sec.casalemedia.com	5 KB
5	socdm.com 5 redirects tg.socdm.com	3 KB
5	emxdgt.com cs.emxdgt.com
5	smartadserver.com 5 redirects ssbsync.smartadserver.com	998 B
5	unrulymedia.com 5 redirects sync.targeting.unrulymedia.com	2 KB
5	stackadapt.com sync.srv.stackadapt.com	840 B
5	media.net contextual.media.net	2 KB
5	postrelease.com 5 redirects jadserve.postrelease.com	2 KB
5	clickagy.com 5 redirects aorta.clickagy.com	3 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com	2 KB
4	researchnow.com tags.researchnow.com	37 KB
4	pinterest.com assets.pinterest.com widgets.pinterest.com log.pinterest.com	29 KB
3	dotomi.com openx2-match.dotomi.com	310 B
3	mrpdata.net j.mrpdata.net	225 B
3	acuityplatform.com 3 redirects ums.acuityplatform.com	2 KB
3	teads.tv 1 redirects sync.teads.tv	586 B
3	googletagservices.com www.googletagservices.com	103 KB
3	google.com adservice.google.com www.google.com	1 KB
3	fastly.net confiant-integrations.global.ssl.fastly.net	152 KB
3	gstatic.com fonts.gstatic.com	56 KB
3	sharethis.com w.sharethis.com l.sharethis.com	9 KB
2	outbrain.com sync.outbrain.com Failed	1 KB
2	clarium.io protected-by.clarium.io	690 B
2	onetrust.com geolocation.onetrust.com	634 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	rlcdn.com 1 redirects ats.rlcdn.com api.rlcdn.com Failed	61 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	75 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	blismedia.com tr.blismedia.com	135 B
1	google.be adservice.google.be	853 B
1	bluekai.com 1 redirects tags.bluekai.com	295 B
1	ib-ibi.com global.ib-ibi.com	72 B
1	privacymanager.io geo.privacymanager.io	594 B
1	indexww.com js-sec.indexww.com	13 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	6 KB
0	advertising.com Failed pixel.advertising.com Failed
0	yieldlab.net Failed ad.yieldlab.net Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	deepintent.com Failed match.deepintent.com Failed
0	technoratimedia.com Failed sync.technoratimedia.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	erne.co Failed green.erne.co Failed
0	justpremium.com Failed match.justpremium.com Failed
0	smadex.com Failed cm.smadex.com Failed
0	clientgear.com Failed event.clientgear.com Failed
0	perf-serving.com Failed prod.perf-serving.com Failed
0	w.org Failed s.w.org Failed
771	92

	Domain	Requested by
74	ce.lijit.com	1 redirects ap.lijit.com us-u.openx.net rtb.gumgum.com
70	babesinhairland.com	32 redirects babesinhairland.com
59	rtb.gumgum.com	ap.lijit.com rtb.gumgum.com
51	i.pinimg.com	babesinhairland.com
46	cm.g.doubleclick.net	27 redirects bcp.crwdcntrl.net googleads.g.doubleclick.net eu-u.openx.net ap.lijit.com rtb.gumgum.com
35	eu-u.openx.net	7 redirects monu.delivery eu-u.openx.net us-u.openx.net
33	us-u.openx.net	8 redirects googleads.g.doubleclick.net eu-u.openx.net ap.lijit.com us-u.openx.net
31	ap.lijit.com	14 redirects monu.delivery ap.lijit.com
26	match.adsrvr.org	js-sec.indexww.com monu.delivery eu-u.openx.net rtb.gumgum.com
22	cmp-cdn.cookielaw.org	monu.delivery cmp-cdn.cookielaw.org babesinhairland.com
20	match.prod.bidr.io	10 redirects eu-u.openx.net ap.lijit.com
19	ads.pubmatic.com	monu.delivery ap.lijit.com rtb.gumgum.com
19	s0.2mdn.net	babesinhairland.com 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com s0.2mdn.net
17	creativecdn.com	17 redirects
17	ib.adnxs.com	9 redirects monu.delivery googleads.g.doubleclick.net
15	sync.1rx.io	15 redirects
15	px.owneriq.net	10 redirects ap.lijit.com
15	g2.gumgum.com	monu.delivery js.gumgum.com
15	sync.mathtag.com	15 redirects
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net babesinhairland.com 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
14	c2shb.ssp.yahoo.com	monu.delivery
14	ipwatch.monu.delivery	monu.delivery
13	x.bidswitch.net	3 redirects ap.lijit.com rtb.gumgum.com
13	um.simpli.fi	8 redirects ap.lijit.com
13	bcp.crwdcntrl.net	12 redirects tags.crwdcntrl.net
12	aax-eu.amazon-adsystem.com	6 redirects ap.lijit.com us-u.openx.net
10	ad.360yield.com	10 redirects
10	p.rfihub.com	10 redirects
10	bh.contextweb.com	10 redirects
10	c1.adform.net	10 redirects
10	pixel.quantserve.com	9 redirects ap.lijit.com
10	pm.w55c.net	10 redirects
10	sync.bfmio.com	monu.delivery sync.bfmio.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com tpc.googlesyndication.com babesinhairland.com
10	sync-tm.everesttech.net	7 redirects rtb.gumgum.com
9	rtb.mfadsrvr.com	9 redirects
9	btlr.sharethrough.com	monu.delivery
9	c.amazon-adsystem.com	monu.delivery c.amazon-adsystem.com
8	pixel-sync.sitescout.com	8 redirects
8	ssc-cms.33across.com	monu.delivery rtb.gumgum.com
8	id5-sync.com	7 redirects
8	imps.monu.delivery	babesinhairland.com
8	scontent-dfw5-2.cdninstagram.com	babesinhairland.com
7	secure.adnxs.com	4 redirects ap.lijit.com rtb.gumgum.com
7	ads.yieldmo.com	monu.delivery
7	apex.go.sonobi.com	monu.delivery
7	display.bfmio.com	monu.delivery
7	hbopenbid.pubmatic.com	monu.delivery
7	bloggernetwork-d.openx.net	monu.delivery
7	ssc.33across.com	monu.delivery
7	dmx.districtm.io	monu.delivery
7	d.turn.com	7 redirects
6	gu.dyntrk.com	6 redirects
5	tg.socdm.com	5 redirects
5	cs.emxdgt.com	rtb.gumgum.com
5	ssbsync.smartadserver.com	5 redirects
5	sync.targeting.unrulymedia.com	5 redirects
5	sync.srv.stackadapt.com	rtb.gumgum.com
5	pr-bh.ybp.yahoo.com	4 redirects us-u.openx.net
5	contextual.media.net	ap.lijit.com
5	jadserve.postrelease.com	5 redirects
5	pixel-us-east.rubiconproject.com	ap.lijit.com
5	data.adsrvr.org	ap.lijit.com
5	pixel-eu.rubiconproject.com	ap.lijit.com
5	aorta.clickagy.com	5 redirects
5	cdn.districtm.io	monu.delivery
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
5	securepubads.g.doubleclick.net	1 redirects babesinhairland.com securepubads.g.doubleclick.net
4	cookie-matching.mediarithmics.com	4 redirects
4	tags.researchnow.com	babesinhairland.com
4	googleads4.g.doubleclick.net	babesinhairland.com
3	openx2-match.dotomi.com	us-u.openx.net
3	j.mrpdata.net	us-u.openx.net
3	ums.acuityplatform.com	3 redirects ap.lijit.com
3	sync.teads.tv	1 redirects googleads.g.doubleclick.net us-u.openx.net
3	googleads.g.doubleclick.net	0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com babesinhairland.com
3	www.googletagservices.com	securepubads.g.doubleclick.net 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
3	0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
3	confiant-integrations.global.ssl.fastly.net	monu.delivery confiant-integrations.global.ssl.fastly.net
3	fonts.gstatic.com	fonts.googleapis.com
3	monu.delivery	babesinhairland.com monu.delivery
2	sync.outbrain.com	rtb.gumgum.com
2	rtb.openx.net	1 redirects us-u.openx.net
2	ice.360yield.com	2 redirects
2	protected-by.clarium.io	0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
2	www.google.com	0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com tpc.googlesyndication.com
2	geolocation.onetrust.com	cmp-cdn.cookielaw.org
2	dpm.demdex.net	2 redirects
2	js.gumgum.com	1 redirects babesinhairland.com
2	ats.rlcdn.com	1 redirects babesinhairland.com
2	l.sharethis.com	w.sharethis.com babesinhairland.com
2	www.google-analytics.com	babesinhairland.com www.google-analytics.com
2	assets.pinterest.com	babesinhairland.com assets.pinterest.com
2	connect.facebook.net	babesinhairland.com connect.facebook.net
2	fonts.googleapis.com	babesinhairland.com s0.2mdn.net
1	tr.blismedia.com	us-u.openx.net
1	ad.turn.com	1 redirects
1	cdn.cookielaw.org	cmp-cdn.cookielaw.org
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	tags.bluekai.com	1 redirects
1	global.ib-ibi.com	bcp.crwdcntrl.net
1	log.pinterest.com	babesinhairland.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	geo.privacymanager.io	ats.rlcdn.com
1	scontent-dfw5-1.cdninstagram.com	babesinhairland.com
1	js-sec.indexww.com	monu.delivery
1	widgets.pinterest.com	assets.pinterest.com
1	c.sharethis.mgr.consensu.org	w.sharethis.com
1	tags.crwdcntrl.net	monu.delivery
1	w.sharethis.com	babesinhairland.com
1	maxcdn.bootstrapcdn.com	babesinhairland.com
0	pixel.advertising.com Failed	us-u.openx.net
0	ad.yieldlab.net Failed	us-u.openx.net
0	b1sync.zemanta.com Failed	rtb.gumgum.com
0	match.deepintent.com Failed	rtb.gumgum.com
0	sync.technoratimedia.com Failed	rtb.gumgum.com
0	sync.ipredictive.com Failed	rtb.gumgum.com us-u.openx.net
0	green.erne.co Failed	us-u.openx.net
0	match.justpremium.com Failed	us-u.openx.net
0	image6.pubmatic.com Failed	ads.pubmatic.com
0	cm.smadex.com Failed	eu-u.openx.net
0	event.clientgear.com Failed	eu-u.openx.net
0	prod.perf-serving.com Failed	eu-u.openx.net
0	api.rlcdn.com Failed	js-sec.indexww.com
0	s.w.org Failed	babesinhairland.com
0	ir-na.amazon-adsystem.com Failed	babesinhairland.com
771	128

This site contains links to these domains. Also see Links.

Domain
astore.amazon.com
www.bloglovin.com
www.facebook.com
www.instagram.com
www.pinterest.com
feeds.feedburner.com
www.youtube.com
www.amazon.com
www.sweetheartshairdesign.com
sweetheartshair.com
twitter.com
www.linkedin.com
www.childrenwithhairloss.us
howsweetdesigns.com
restored316designs.com
www.studiopress.com
wordpress.org
cookiepedia.co.uk
tcf.cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
babesinhairland.com Go Daddy Secure Certificate Authority - G2	`2021-03-03` - `2022-04-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.gumgum.com Amazon	`2020-11-14` - `2021-12-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-04-07` - `2021-07-06`	3 months	crt.sh
*.pinimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-08` - `2022-07-09`	a year	crt.sh
*.privacymanager.io Amazon	`2020-10-24` - `2021-11-23`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-18` - `2021-09-08`	6 months	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.bfmio.com Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.google.be GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
tags.researchnow.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.id5-sync.com R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.mrpdata.net Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh

This page contains 117 frames:

Primary Page: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Frame ID: DC0098570F5E0F44DBC604FCB5B2EDCB
Requests: 309 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 0BF199B8F324F367AD56F4A64552DC07
Requests: 1 HTTP requests in this frame

Frame: http://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 7B949BD059B85C1B7133E4E223C28237
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Frame ID: 33ADAB36AE48FCCB9F567A781C6946A7
Requests: 7 HTTP requests in this frame

Frame: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D3C15A4A0BF22EC390FE2DD29A0B2F9F
Requests: 1 HTTP requests in this frame

Frame: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 482F9EE02EEB63A92D272BD7F631980A
Requests: 15 HTTP requests in this frame

Frame: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9FDB33FC1DA824E91A7FBBE2FDBBF480
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COOA3AIQ5fvLmwIYqMKfrQEwAQ&v=APEucNWSCbd3FR9L7LKJYr7CPQCB1HZ_sKMx75gLdXyNbNWCqjyXVngz8WZilUysVy4eWdj3hkS2ziwdYKZ3TO1x4sPTochT_f5MxiAQoHyujJOzhW-JQUZuoU2wGhWEMzQcI_Zae2xc8OQn33RvlgdEaOq9zSdkciDKPdDAj-xksOZTN4a0Cjc
Frame ID: 451A74800D9735041419A0EE8C9109F9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHFzgEQz92pAhj-g4mqATAB&v=APEucNW5E3J1TfubULHWyjX_rVmC9l4DsQInbwEj6ak124jaQUhzIVUGuTZlux7UwEfYJJIr3ZFKlkd-7j_wuL1HWpCDgfGGekq9uT-1fOzGL8fvVVFEGkrxcS-7C90PC1V945uZ_RBqSlWr2Y0kE-dhAaiP6JSyLk-joAhvce8ogvDqB5Xa1KY
Frame ID: 919F6C7F425A1EC5DFA57F3F8216A753
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6493A1E9ECE3241089C6B65A0E7DB089
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7E0D42B6643FAE8DDBFFD645E6CD03D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EDC1578C8DA62E616A58C1232EA04777
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8947800/1621401132077/index.html
Frame ID: 7761818507013D94B134A7893E2528DC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FF384A86EC4AE43CADC101ADCFB75778
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html
Frame ID: 5CB7C4274308B3189B3E82377CDE2B20
Requests: 13 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: B6B4900826E9C6DB636FB7CC3D6C7647
Requests: 11 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: AB9F77794B7793D68DE6E1A6D4B0D64C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: C82E42B53AA7E46E8ED7174C8EEDC553
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: EA00D7A1DDE28786DF2171AE692FA9EA
Requests: 11 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Frame ID: 13F61A113A1D1F25EA73F4C6FB53FBB0
Requests: 25 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: FD7024F75BBECB258317375AE3BB77B8
Requests: 11 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512330
Frame ID: 421077F360A18FE88300F85DC521602D
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: 525D68BD565FAD48CC08CEE2BDEDA674
Requests: 11 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Frame ID: A1327C5088623A61896F23909DFC9508
Requests: 25 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Frame ID: 9F5B86FCA56568956E9385311FF4D6B8
Requests: 25 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512189
Frame ID: BF3DEE00372AFECFB75F85BB43830F40
Requests: 2 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512342
Frame ID: 639992B07849A20CE35B632F429AA58D
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: F1947C838526C322C503AB4AF8CDE3EE
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Frame ID: 24747A5B76991352A45334A8B9BDC27E
Requests: 25 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 6475E98AF517F50BEBAF124172994018
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: E41D28882E944C0BF53B389B2C13E1EA
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: BA9F4061655EF3C1866E31671027EF87
Requests: 25 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 15047F5421EA59CE75253079656471A0
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: C669EA9A5C1A88CF0F8256BB91D94A45
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 4DEE6EBC716D894A96A02ED6C14E9FE7
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: 4348958C2A8C4031F0A3D8748D14B33F
Requests: 11 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 703E2BCB7E7CF2D7F04C95CACA2B3426
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 7C4DED79898BBB969EFCA33072A0F355
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: FDAD2EC4E9BB8754A9D68893B812486C
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512214
Frame ID: 37DC480A6E4FEEA177343D6B3A31FD7A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 447454232D8FCA9A4F4863FBBE61653F
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512531
Frame ID: 3C290AFE87F81BC87A45C1D43253F1DA
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 62F9C3BE6CA65FE55A999F74C8400579
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 00F8AC89C4F2C331B4D3D16EFD0649CC
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
Frame ID: 3FE2EC2788E506611B14D4938786A009
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 10C6D6217FD2E2386093ABDF5BE4458B
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: ACAC3D3BEFA3B2F3E430033E4096112B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 96E0A66ADE859AB463D799BA54B76345
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: 32E7DE3DD6DDA09826D4A37F9EFA20FE
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: B194ADF4A84CF9184C1C61C83C23FBEE
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 28347D84647F7327C960CD2BAEE613A0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: 6B177682CBC07796F1680A7DBC5235BB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 13F21DE649298B3E150B267B8A594EB1
Requests: 16 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
Frame ID: 56EC6EB428435D878C319E1AC76DF705
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: C20B6791B627F17D74F5E4080CCFB708
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
Frame ID: 5EF80D73F0982A3AC97CCF2DD23E4BA4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: A39CFBD3FD0FC2FB787ADC0005D7D12C
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: 9106C094C349E6CB4055AEA9E278A9BD
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 014C3B20D6DAB53692A1988983CE0EF9
Requests: 8 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: FE1D2B086D10270872C505FFA0A6666F
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: 7047DE5A1B52D4F8556029DD6AA9D7BF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: D6FEB9B73BD6A89C1FADEA4EBB856554
Requests: 16 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
Frame ID: D833B30D978D60F30B39FB1877464D56
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 31E84F22C52BE6B1530C7E537FE2FA6D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Frame ID: 27768DF0BAD2933701E9E48B607DA285
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YNikEwAB9olpMgBg&gdpr=1&gdpr_consent=&_test=YNikEwAB9olpMgBg
Frame ID: 2B1B0D9E411CB6D7FFB30D1F85C91501
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jYTQ4ZTBjYS02ZTg4LTQ5NmMtODA0MS0xZmJiZWNmY2RjNDM=&gdpr=1&gdpr_consent=
Frame ID: 2ADBE2D2B4EDA525964A7A6635488F31
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 9802998B6C07FB2AD529623E8A450B74
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 8730EAE16216AAFB893213216C7549F6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 60F9FA3CD76A8B4FE1D8971C35644CAC
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 63FE799AB64E10DEA12BBFFB3D778C29
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMCykAAAAA
Frame ID: 8380D7E0D6F76114D6E2FCDF6D2E676A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871878971171637113
Frame ID: 8392A9A8E42CBC668AD2884163A89B71
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
Frame ID: CE5CEEE5396218B5C85DCD94DE193DD9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Frame ID: 93F107725D7E78B862DECEE84351D66D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YNikEwACJIa_1wAC
Frame ID: FBE8ECE606AC7E2C8735AFF072DA29C3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ODIyYTgzNy0zNmU4LTQ2NWQtOGM1Ny1lZmQyMmMzMGY2YzU=&gdpr=1&gdpr_consent=
Frame ID: 87F72CA68FB67A1BDA2672FC8ED65B0D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: B52C9AF38F09598DAB36897CAB0ABC70
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: D31168FA6046E3D80FD7A261C34D71A6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 08E9DCBA71BC5A026BF1E8CCF57CA16E
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 7C7AC82EC498C72A22D3E7321F553AAD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMC2MAAAAA
Frame ID: 6B7A11562B40BEB131D3B602C84B0FEE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871316021157751687
Frame ID: E563E89669E6E96792D9283E9CF77562
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
Frame ID: 4F30CD12B128833BDBB56D22F6BF571A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Frame ID: CBE0438E14D7D372DBE0DA68FECA3DDE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Frame ID: F83C6C34275221A20B2102F0E2052EF4
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jYTQ4ZTBjYS02ZTg4LTQ5NmMtODA0MS0xZmJiZWNmY2RjNDM=&gdpr=1&gdpr_consent=
Frame ID: 8133939EECCD7784B77B20811D6B137D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: C6269EE5E3FAAD5AED359F89440FE9CA
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 8EDED937A2482A0FF53A63C3D899398A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 4144CC8B17BA4C27BFD6EDCB8F194E3D
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: D75E24D5DC79B22BC80FD402701C1B10
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMC5gAAAAA
Frame ID: AD104FDEC96070BA4146AE9C5DDCBA54
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1875819620917243488
Frame ID: D42B1E3BCD7F56DC9B38DBBAFDB74626
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
Frame ID: A9B75EF3DF08829A6FF3FDDE9020A75D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Frame ID: 90CA86CDB7EC53171754312081B3750D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 0830A554AE95AEE6D3B2D2417BB1487E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jYTQ4ZTBjYS02ZTg4LTQ5NmMtODA0MS0xZmJiZWNmY2RjNDM=&gdpr=1&gdpr_consent=
Frame ID: AAC7AFB977A3ECEC13C4C5C67554E1A7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 9758D59FB9A73219B38E6E245B7002D3
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: BB2ED0EF5B00CD646806CA912E66FD1C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: AB1610DDCC6F41BB2309DF9925F35D2A
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 9CF9F5468887F72D1A2D801F77D6A03E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YNikGMCo5soAAKkMC9wAAAAA
Frame ID: 36F67402A8D7AD41E64CA05D61F02596
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871316021157751788
Frame ID: E8664A087EBCF23D99E233820BDD3D89
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
Frame ID: 07A28B97334FFA9318D4601EE4172A02
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: B833970CAE64AEC42F9D7E509E6A9956
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 399D9D79D86E9945CC3D191069948E3B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: 6EC271FF7744ECA1DB8D8325229A12BA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 74FB27F7ED3F42FF891BE8C46082D0F9
Requests: 14 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
Frame ID: 9CA2F02F3D42F31941EFC191DBA1016E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ODIyYTgzNy0zNmU4LTQ2NWQtOGM1Ny1lZmQyMmMzMGY2YzU=&gdpr=1&gdpr_consent=
Frame ID: 075D5F7BE8747267A7B9FA829EDFEE56
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 61C032A4AAE4DD293CD7A121A57229C3
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 948C561BF7671EBAEA090F9E6A8A491D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 1A390485016AB2B0A79FFE9399D934D7
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: E194220C57805BB8BFB7406A70F63B76
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YNikGMCo5soAAKkMDCoAAAAA
Frame ID: DBB3D5F89B5FEBABEF25AC342EACE037
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871597496198972629
Frame ID: 6312860F1A5D3F5B26F54473BE07A3CB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum
Frame ID: 14755E921A2B52AA2677BF2130713FAA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Page Statistics

771
Requests

88 %
HTTPS

26 %
IPv6

92
Domains

128
Subdomains

80
IPs

9
Countries

6735 kB
Transfer

10653 kB
Size

0
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: http://astore.amazon.com/babeinhair-20?_encoding=UTF8&node=2
Title: Our Book

Search URL Search Domain Scan URL

URL: https://www.bloglovin.com/blogs/babes-in-hairland-3998652
Title: Bloglovin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BabesInHairlandBlog/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/babesinhairlandblog/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/babesinhairland/
Title: Pinterest

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/BabesInHairland
Title: RSS

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BabesinHairland/featured
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BabesInHairlandBlog/posts/1343679815702191
Title: read the entire the FB post and comments HERE

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/076115678X/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=076115678X&linkCode=as2&tag=babeinhair-20&linkId=26cc3bedbcc3c812e6b9e2ebf7eec398
Title: Curly Girl: The Handbook

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/076115678X/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=076115678X&linkCode=as2&tag=babeinhair-20&linkId=e92dd2478b2807d53ad84aa04b2e645f
Title: Curly Girl: The Handbook, click HERE.

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B008D5I61Y/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B008D5I61Y&linkCode=as2&tag=babeinhair-20&linkId=643dbc625294e92f4136487c02121783
Title: Cantu’s Coconut Curling Cream

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B00OFUU3KI/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B00OFUU3KI&linkCode=as2&tag=babeinhair-20&linkId=cee41ba817083fbf99074b986da941aa
Title: Cantu Care for Kids Conditioning Detangler

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B008D5I61Y/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B008D5I61Y&linkCode=as2&tag=babeinhair-20&linkId=f6488716d237c105c5ec49b52c441992
Title: HERE to purchase Cantu Curling Cream

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B00OFUU3KI/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B00OFUU3KI&linkCode=as2&tag=babeinhair-20&linkId=d8a5c1f63e4beff3442de1fa28009fb0
Title: HERE for Cantu’s Conditioning Detangler Spray

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B003E0VMWI/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B003E0VMWI&linkCode=as2&tag=babeinhair-20&linkId=18484bd5a9a591d478c734fc033f7fb2
Title: Fairy Tales Detangling Spray

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B003E0VMWI/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B003E0VMWI&linkCode=as2&tag=babeinhair-20&linkId=2f66c388a8a1ca0f9d26274e2a254f4b
Title: Fairy Tales Static Free Detangling Spray, click HERE.

Search URL Search Domain Scan URL

URL: http://www.sweetheartshairdesign.com/
Title: Sweet Hearts Hair Design

Search URL Search Domain Scan URL

URL: https://sweetheartshair.com/product/sweethearts-hair-detangler/
Title: Detangling Spray go HERE

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B00821ZHMK/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B00821ZHMK&linkCode=as2&tag=babeinhair-20&linkId=d6267b640af0b2d7797fde7230905019
Title: Wet Brush Pro Detangle Hair Brush

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B00821ZHMK/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B00821ZHMK&linkCode=as2&tag=babeinhair-20&linkId=fa485627b3e90bd7145513a8359adbf1
Title: purchase or find out more about The Wet Brush, click HERE.

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B00JWWJ0B2/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B00JWWJ0B2&linkCode=as2&tag=babeinhair-20&linkId=015910acdba95f05ee61ae2806eb92de
Title: THIS Silk Pillowcase

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=https://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/&text=How%20to%20Care%20for%20Your%20Daughter%E2%80%99s%20Curly%20Hair%20%E2%80%93%20Tips%2C%20Tricks%20%26%20Advice%20
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Title: Linkedin

Search URL Search Domain Scan URL

URL: http://www.childrenwithhairloss.us//

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B6gGFQtHrOl/
Title: Merry Christmas! Wishing you and your

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B6d-YlnH4ok/
Title: Happy Christmas Eve! This will forever be my favor

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B6bD0uDH8_f/
Title: I miss her being in elementary school when Christm

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B6Jh5sSH4O0/
Title: High double buns for the win! . . #babesinhairland

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B5Yz82PnhrS/
Title: Pre Thanksgiving fun at our house! It's been snowi

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B5TSxzaH88I/
Title: Memory Monday! Be sure to get your Thanksgiving ha

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B4loPUUnM6t/
Title: Let's just pretend it's a week ago and this just h

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B4OFRF1H3-T/
Title: Happy Fall y'all! Just got back from a glorious tr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B3Xw8RPnFw1/
Title: I'm rather slow posting these, but McKayla went to

Search URL Search Domain Scan URL

URL: http://howsweetdesigns.com/
Title: How Sweet Designs

Search URL Search Domain Scan URL

URL: http://restored316designs.com/themes
Title: Divine Theme

Search URL Search Domain Scan URL

URL: https://www.studiopress.com/
Title: Genesis Framework

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=en
Title: | View Full Legal Text Opens in a new window

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.1 HTTP 301
https://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.1

Request Chain 1

http://babesinhairland.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1 HTTP 301
https://babesinhairland.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1

Request Chain 2

http://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4 HTTP 301
https://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4

Request Chain 3

http://babesinhairland.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2 HTTP 301
https://babesinhairland.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2

Request Chain 4

http://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6 HTTP 301
https://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6

Request Chain 5

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.7.2 HTTP 307
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.7.2

Request Chain 7

http://babesinhairland.com/wp-includes/css/dashicons.min.css?ver=5.7.2 HTTP 301
https://babesinhairland.com/wp-includes/css/dashicons.min.css?ver=5.7.2

Request Chain 8

http://babesinhairland.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2 HTTP 301
https://babesinhairland.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2

Request Chain 9

http://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/styles_thumbnails.css?ver=5.22.0 HTTP 301
https://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/styles_thumbnails.css?ver=5.22.0

Request Chain 10

http://babesinhairland.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.2 HTTP 301
https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.2

Request Chain 11

http://babesinhairland.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP 301
https://babesinhairland.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Request Chain 12

http://babesinhairland.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP 301
https://babesinhairland.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Request Chain 14

http://babesinhairland.com/wp-content/themes/restored316-divine/js/responsive-menu.js?ver=1.0.0 HTTP 301
https://babesinhairland.com/wp-content/themes/restored316-divine/js/responsive-menu.js?ver=1.0.0

Request Chain 15

http://babesinhairland.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21 HTTP 301
https://babesinhairland.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21

Request Chain 16

http://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2 HTTP 301
https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2

Request Chain 18

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 19

http://babesinhairland.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2 HTTP 301
https://babesinhairland.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2

Request Chain 20

http://babesinhairland.com/wp-content/uploads/profile.png HTTP 301
https://babesinhairland.com/wp-content/uploads/profile.png

Request Chain 21

http://babesinhairland.com/wp-content/uploads/YourAdHere3ab.jpg HTTP 301
https://babesinhairland.com/wp-content/uploads/YourAdHere3ab.jpg

Request Chain 22

http://babesinhairland.com/wp-content/uploads/BOMB-ad-300x250JPG-1.jpg HTTP 301
https://babesinhairland.com/wp-content/uploads/BOMB-ad-300x250JPG-1.jpg

Request Chain 23

http://babesinhairland.com/wp-content/uploads/ChildrenWHairLossAd100x300.jpg HTTP 301
https://babesinhairland.com/wp-content/uploads/ChildrenWHairLossAd100x300.jpg

Request Chain 25

http://babesinhairland.com/wp-content/plugins/instagram-feed/img/placeholder.png HTTP 301
https://babesinhairland.com/wp-content/plugins/instagram-feed/img/placeholder.png

Request Chain 26

http://assets.pinterest.com/js/pinit.js HTTP 307
https://assets.pinterest.com/js/pinit.js

Request Chain 27

http://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=5.7.2 HTTP 301
https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=5.7.2

Request Chain 28

http://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.22.0 HTTP 301
https://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.22.0

Request Chain 29

http://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.1 HTTP 301
https://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.1

Request Chain 30

http://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6 HTTP 301
https://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6

Request Chain 31

http://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.7.2 HTTP 301
https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.7.2

Request Chain 32

http://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.2 HTTP 301
https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.2

Request Chain 33

http://babesinhairland.com/wp-includes/js/wp-embed.min.js?ver=5.7.2 HTTP 301
https://babesinhairland.com/wp-includes/js/wp-embed.min.js?ver=5.7.2

Request Chain 34

http://babesinhairland.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9.1 HTTP 301
https://babesinhairland.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9.1

Request Chain 37

http://babesinhairland.com/wp-content/plugins/simple-social-icons/symbol-defs.svg HTTP 0
https://babesinhairland.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

Request Chain 38

http://babesinhairland.com/wp-content/uploads/header.png HTTP 301
https://babesinhairland.com/wp-content/uploads/header.png

Request Chain 45

http://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.04.47-AM.png HTTP 301
https://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.04.47-AM.png

Request Chain 50

http://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.07.32-AM.png HTTP 301
https://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.07.32-AM.png

Request Chain 55

http://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/ssbp.woff?xj3ol1 HTTP 301
https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/ssbp.woff?xj3ol1

Request Chain 59

http://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/ssbp.ttf?xj3ol1 HTTP 301
https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/ssbp.ttf?xj3ol1

Request Chain 61

http://ats.rlcdn.com/ats.js HTTP 301
https://ats.rlcdn.com/ats.js

Request Chain 64

http://js.gumgum.com/services.js HTTP 301
https://js.gumgum.com/services.js

Request Chain 67

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 143

http://babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/74611878_494760484453465_4282114128014529382_nlow.jpg HTTP 301
https://babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/74611878_494760484453465_4282114128014529382_nlow.jpg

Request Chain 144

https://bcp.crwdcntrl.net/5/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr

Request Chain 145

http://babesinhairland.com/wp-content/plugins/simple-social-icons/symbol-defs.svg HTTP 301
https://babesinhairland.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

Request Chain 146

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/e3e558fef8f80c45d31051cb2e61b102/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4266901740972347906

Request Chain 147

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e3e558fef8f80c45d31051cb2e61b102&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=e3e558fef8f80c45d31051cb2e61b102&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=63372857739706555413232315337093838843

Request Chain 148

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=3db360d8-a40e-4d00-847b-3c8d7ca5a0d8

Request Chain 150

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YNikDwACN-VougA4 HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YNikDwACN-VougA4&_test=YNikDwACN-VougA4

Request Chain 151

https://id5-sync.com/s/19/9.gif?puid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent= HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOWo8LZfnJi51FSpdN3RLPEpiNZX-evjdug0EssA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/8/2.gif?puid=4266901740972347906&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=f4df576341470c036731eac8a120c1cf&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWo8LZfnJi51FSpdN3RLPEpiNZX-evjdug0EssA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZTNlNTU4ZmVmOGY4MGM0NWQzMTA1MWNiMmU2MWIxMDI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWo8LZfnJi51FSpdN3RLPEpiNZX-evjdug0EssA

Request Chain 338

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBudqgv7vLLlV4UYyHid4U&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBudqgv7vLLlV4UYyHid4U&google_cver=1&C=1

Request Chain 339

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNikEcJyk9hLCOh0LWheMQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBudqgv7vLLlV4UYyHid4U&google_cver=1

Request Chain 340

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH4VGyEIMkB35O2DbYwmy8s&google_cver=1

Request Chain 341

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAzMDcxMjY0ODgzNjA2MzMwMw%3D%3D

Request Chain 347

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB85RxblA7qFk0T3nR2_zj4&google_cver=1

Request Chain 348

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYxYmFkMjYtMmNlNC02MGI3LTU1NjctMzVjZDE0ZmYyYjc1

Request Chain 349

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOQvuqw4O_6sj2TFbsVwLrw&google_cver=1

Request Chain 350

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDA3NjdlZjQ4MmJkNjlkMWU5NDc2OGYxNTE5ZWMyN2UzMDNmM2Y4MA==

Request Chain 385

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Request Chain 388

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Request Chain 389

https://ap.lijit.com/beacon?informer=13208641 HTTP 302
https://ap.lijit.com/beacon?informer=13208641&dnr=1

Request Chain 390

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Request Chain 392

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Request Chain 393

https://ap.lijit.com/beacon?informer=13208641 HTTP 302
https://ap.lijit.com/beacon?informer=13208641&dnr=1

Request Chain 394

https://ap.lijit.com/beacon?informer=13208641 HTTP 302
https://ap.lijit.com/beacon?informer=13208641&dnr=1

Request Chain 398

https://ap.lijit.com/beacon?informer=13208641 HTTP 302
https://ap.lijit.com/beacon?informer=13208641&dnr=1

Request Chain 414

https://id5-sync.com/s/441/9.gif?puid=e_e75e0462-28dd-402e-ad52-51eb30c928db&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=e_e75e0462-28dd-402e-ad52-51eb30c928db&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE-aNF-HhhO1cZxR_ljZ8LROTtE8eMOjW-CLanQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE-aNF-HhhO1cZxR_ljZ8LROTtE8eMOjW-CLanQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/124/8/2.gif?puid=40b3141a-2e0c-4166-b5a8-15f957ea8ea7&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_tc= HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEL5BqELupMWkrbJbQRgtKxU&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEL5BqELupMWkrbJbQRgtKxU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEL5BqELupMWkrbJbQRgtKxU%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=21822931341783706&opid=apx&ops=&utidl=tech:goo:CAESEL5BqELupMWkrbJbQRgtKxU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A18289642914&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY

Request Chain 415

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5

Request Chain 416

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx

Request Chain 417

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837

Request Chain 418

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBX0FVN0JzVWdBQURkeVp4NjhoQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBX0FVN0JzVWdBQURkeVp4NjhoQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1&google_tc= HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 419

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d

Request Chain 420

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b

Request Chain 421

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=163499063222359301

Request Chain 423

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjAwZWM2NDMtZmNhZS02ZGIyLTc5MjItYWM3NTAwZmI4OWQz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjAwZWM2NDMtZmNhZS02ZGIyLTc5MjItYWM3NTAwZmI4OWQz&google_tc=

Request Chain 424

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMzvAp29udujgHpF3Pr92_U&google_cver=1

Request Chain 425

https://aorta.clickagy.com/pixel.gif?ch=185&cm=f73322e226fec3339194a7f5&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14

Request Chain 426

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent= HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6780969162044315887&ref=%2Feucm%2Fp%2Fsv HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 428

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=QtJFZRXWEG5Z10A5FtYMbxbURWtZ2xI-R4QIdOa6

Request Chain 429

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1 HTTP 302
https://ap.lijit.com/dsp/google/reporting?gdpr=1

Request Chain 430

https://ums.acuityplatform.com/tum?umid=27&uid=f73322e226fec3339194a7f5&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=66&3pid=588459528942

Request Chain 432

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=f73322e226fec3339194a7f5/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=f73322e226fec3339194a7f5/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=

Request Chain 433

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

Request Chain 434

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

Request Chain 437

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=9jf4kSeyk5Mz&ev=1&pid=558511&gdpr_consent=&gdpr=1

Request Chain 439

https://um.simpli.fi/lj_match?r=1624810515323&gdpr=1&gdpr_consent= HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 440

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

Request Chain 442

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=f73322e226fec3339194a7f5&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

Request Chain 443

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

Request Chain 444

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1

Request Chain 445

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7

Request Chain 446

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778

Request Chain 447

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

Request Chain 449

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=

Request Chain 454

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5

Request Chain 455

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=03e18118-4ea6-45cf-9e46-3bde6c43c14d

Request Chain 456

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837

Request Chain 457

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBXzFrN0JzVWdBQURXa2NvX3RqUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBXzFrN0JzVWdBQURXa2NvX3RqUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1&google_tc= HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 458

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d

Request Chain 459

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b

Request Chain 460

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3728927827574371485

Request Chain 463

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECRo-4R4FyauiTQ78iw6xyA&google_cver=1

Request Chain 464

https://ums.acuityplatform.com/tum?umid=27&uid=595422e682081e8201db0d30&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=66&3pid=588459528988

Request Chain 465

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=595422e682081e8201db0d30&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

Request Chain 466

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1 HTTP 302
https://ap.lijit.com/dsp/google/reporting?gdpr=1

Request Chain 468

https://um.simpli.fi/lj_match?r=1624810515327&gdpr=1&gdpr_consent= HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 470

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=FQTU3JRPJuGG&ev=1&pid=558511&gdpr_consent=&gdpr=1

Request Chain 472

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

Request Chain 473

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

Request Chain 476

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

Request Chain 477

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=2773dc18-2dc2-452a-9264-d0f09ed8759e

Request Chain 478

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1

Request Chain 479

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778

Request Chain 480

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent= HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6780969182112137680&ref=%2Feucm%2Fp%2Fsv HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 482

https://aorta.clickagy.com/pixel.gif?ch=185&cm=595422e682081e8201db0d30&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14

Request Chain 483

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=

Request Chain 484

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

Request Chain 485

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

Request Chain 487

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ

Request Chain 492

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=

Request Chain 493

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5

Request Chain 494

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=03e18118-4ea6-45cf-9e46-3bde6c43c14d HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=03e18118-4ea6-45cf-9e46-3bde6c43c14d HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2773dc18-2dc2-452a-9264-d0f09ed8759e&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=03e18118-4ea6-45cf-9e46-3bde6c43c14d

Request Chain 495

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837

Request Chain 496

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBN0ZFN0JzVWdBQURrRWNvX3RqUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 497

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d

Request Chain 498

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b

Request Chain 499

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=233662229606982071

Request Chain 502

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO8wPtHP5WL-O8fXLnYrCM&google_cver=1

Request Chain 503

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5

Request Chain 504

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=03e18118-4ea6-45cf-9e46-3bde6c43c14d

Request Chain 505

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837

Request Chain 506

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCTTlFN0JzVWdBQURmbmp4bEE3QQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 507

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d

Request Chain 508

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b

Request Chain 509

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5118844631533354530

Request Chain 512

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO81z9u995fYCObboErDJP8&google_cver=1

Request Chain 513

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5

Request Chain 514

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=03e18118-4ea6-45cf-9e46-3bde6c43c14d

Request Chain 515

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837

Request Chain 516

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBV3AwN0JzVWdBQURmSTZjZk9zZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 517

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d

Request Chain 518

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b

Request Chain 519

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3729744099337650414

Request Chain 522

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMzvAp29udujgHpF3Pr92_U&google_cver=1

Request Chain 523

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1

Request Chain 524

https://ums.acuityplatform.com/tum?umid=27&uid=595422e682081e8201db0d30&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=66&3pid=588459528988

Request Chain 525

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=595422e682081e8201db0d30&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

Request Chain 526

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=5d65403f-44b7-4c99-8f36-93f391eb8228

Request Chain 527

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=1875819620917243625

Request Chain 528

https://um.simpli.fi/lj_match?r=1624810515319&gdpr=1&gdpr_consent= HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 530

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

Request Chain 531

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

Request Chain 532

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

Request Chain 534

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=i7YOdonsOjld&ev=1&pid=558511&gdpr_consent=&gdpr=1

Request Chain 535

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

Request Chain 538

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

Request Chain 540

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent= HTTP 302
https://px.owneriq.net/fr/epx.gif HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 541

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ

Request Chain 543

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=

Request Chain 544

https://aorta.clickagy.com/pixel.gif?ch=185&cm=595422e682081e8201db0d30&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14

Request Chain 545

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1 HTTP 302
https://ap.lijit.com/dsp/google/reporting?gdpr=1

Request Chain 548

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=

Request Chain 552

https://um.simpli.fi/lj_match?r=1624810515354&gdpr=1&gdpr_consent= HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 555

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=QMTQTpYMfgIJ&ev=1&pid=558511&gdpr_consent=&gdpr=1

Request Chain 556

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent= HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6780969181870854525&ref=%2Feucm%2Fp%2Fsv HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 557

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

Request Chain 558

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ

Request Chain 559

https://aorta.clickagy.com/pixel.gif?ch=185&cm=97237eb20655b0045777729f&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14

Request Chain 560

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1 HTTP 302
https://ap.lijit.com/dsp/google/reporting?gdpr=1

Request Chain 563

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

Request Chain 564

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

Request Chain 565

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1

Request Chain 566

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

Request Chain 567

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778

Request Chain 568

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=97237eb20655b0045777729f&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=3&3pid=48be60d8-a415-4200-a17b-8efb71569afd&gdpr=1&gdpr_consent=

Request Chain 569

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

Request Chain 573

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=97237eb20655b0045777729f/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=97237eb20655b0045777729f/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=

Request Chain 574

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7

Request Chain 579

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=

Request Chain 585

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YNikEwACJFe9DAAC HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YNikEwACJFe9DAAC&_test=YNikEwACJFe9DAAC

Request Chain 587

https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7797158699854139906&gdpr=1&gdpr_consent=&us_privacy=

Request Chain 588

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=kzeftZxfijiKtrp7GQB9CQ==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 590

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837

Request Chain 592

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28xWCEBWiw2aezlWVeMQJro_wPnMjuUukqrT98vIdnTlNu501_CueF6PWjELnKmjxy%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28xWCEBWiw2aezlWVeMQJro_wPnMjuUukqrT98vIdnTlNu501_CueF6PWjELnKmjxy%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_6822a837-36e8-465d-8c57-efd22c30f6c5&obuid=ENC(xWCEBWiw2aezlWVeMQJro_wPnMjuUukqrT98vIdnTlNu501_CueF6PWjELnKmjxy)

Request Chain 593

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5

Request Chain 595

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-FAmOhAtE2pf5RJfJzuSj1_HrVeR9ZHIDT.uv~A

Request Chain 600

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2

Request Chain 601

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6291105096 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6291105096 HTTP 302
https://sync.1rx.io/usersync/tradedesk/7e797ce8-a37f-4616-825a-e52146533677 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003

Request Chain 602

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=ZI7lL5I0p9lK&ev=1&pid=558355

Request Chain 603

https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=

Request Chain 605

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

Request Chain 606

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YNikEwAB9olpMgBg HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YNikEwAB9olpMgBg&gdpr=1&gdpr_consent=&_test=YNikEwAB9olpMgBg

Request Chain 612

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMCykAAAAA

Request Chain 613

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1871878971171637113

Request Chain 614

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1

Request Chain 617

https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1&prevuid=03030001_60d8a41ad0881&knw=0 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030001_60d8a41ad0881 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=540394477&val=03030001_60d8a41ad0881

Request Chain 618

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=0458AB34211A46359E369788D37615FC

Request Chain 621

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=

Request Chain 622

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837

Request Chain 624

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28H3YyJvXq8OYoD83UBlx2roWAbb_9aD_xD4Lx-S2RfvwfkxB2D8iIhPFxoLKpS00X%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28H3YyJvXq8OYoD83UBlx2roWAbb_9aD_xD4Lx-S2RfvwfkxB2D8iIhPFxoLKpS00X%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_6822a837-36e8-465d-8c57-efd22c30f6c5&obuid=ENC(H3YyJvXq8OYoD83UBlx2roWAbb_9aD_xD4Lx-S2RfvwfkxB2D8iIhPFxoLKpS00X)

Request Chain 625

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5

Request Chain 627

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-bODU6.pE2pdSy69geTR7J36IY_Jzz.XWZTcc~A

Request Chain 632

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2

Request Chain 633

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8916768008 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8916768008 HTTP 302
https://sync.1rx.io/usersync/tradedesk/7e797ce8-a37f-4616-825a-e52146533677 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003

Request Chain 634

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=Rpreblq0HGqQ&ev=1&pid=558355

Request Chain 635

https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=

Request Chain 637

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

Request Chain 638

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YNikEwACJIa_1wAC

Request Chain 644

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMC2MAAAAA

Request Chain 645

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1871316021157751687

Request Chain 646

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1

Request Chain 649

https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1&prevuid=03030002_60d8a41ad79b5&knw=0 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_60d8a41ad79b5 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=540394477&val=03030002_60d8a41ad79b5

Request Chain 650

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=79302ECBCB99410ABCA6A4DBE3F65F74

Request Chain 653

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=

Request Chain 656

https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1&prevuid=03030003_60d8a41adfb1f&knw=0 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030003_60d8a41adfb1f

Request Chain 657

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=146DB681919846B2BD056E4297FCC766

Request Chain 660

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=

Request Chain 661

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837

Request Chain 663

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28YARKYxV827ygRX0zbv1L3Tk0DnrT_H1d1kUfTYMn2BmwkmN0GxpKP-sIpY3NhJn9%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28YARKYxV827ygRX0zbv1L3Tk0DnrT_H1d1kUfTYMn2BmwkmN0GxpKP-sIpY3NhJn9%29

Request Chain 664

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5

Request Chain 666

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-nMzzlcRE2pesMyTJLWdenjhLHkqQDG_jLxt0~A

Request Chain 671

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2

Request Chain 672

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=810729213 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=810729213 HTTP 302
https://sync.1rx.io/usersync/tradedesk/7e797ce8-a37f-4616-825a-e52146533677 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003

Request Chain 673

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=fhCGtBbUE4gF&ev=1&pid=558355

Request Chain 674

https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=

Request Chain 676

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

Request Chain 683

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMC5gAAAAA

Request Chain 684

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1875819620917243488

Request Chain 685

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1

Request Chain 686

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837

Request Chain 688

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28slHW2hiDdBdhFOz7-RIFIrRhNIOyRbtKtx2fWJnMAGEMuPqqIkLH5o6khbM_4j--%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28slHW2hiDdBdhFOz7-RIFIrRhNIOyRbtKtx2fWJnMAGEMuPqqIkLH5o6khbM_4j--%29

Request Chain 689

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5

Request Chain 691

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-nMzzlcRE2pesMyTJLWdenjhLHkqQDG_jLxt0~A

Request Chain 696

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2

Request Chain 697

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4424149116 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4424149116 HTTP 302
https://sync.1rx.io/usersync/tradedesk/7e797ce8-a37f-4616-825a-e52146533677 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003

Request Chain 698

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=AqLbzUPvQBRz&ev=1&pid=558355

Request Chain 699

https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=

Request Chain 701

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

Request Chain 708

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YNikGMCo5soAAKkMC9wAAAAA

Request Chain 709

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1871316021157751788

Request Chain 710

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1

Request Chain 712

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

Request Chain 714

https://aorta.clickagy.com/pixel.gif?ch=185&cm=595422e682081e8201db0d30&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14

Request Chain 715

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

Request Chain 717

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

Request Chain 718

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=qtjlo6BnWLpq&ev=1&pid=558511&gdpr_consent=&gdpr=1

Request Chain 719

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1

Request Chain 720

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=595422e682081e8201db0d30&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

Request Chain 721

https://um.simpli.fi/lj_match?r=1624810515568&gdpr=1&gdpr_consent= HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 724

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778 HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778&dnr=1

Request Chain 725

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

Request Chain 727

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

Request Chain 729

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent= HTTP 302
https://px.owneriq.net/fr/epx.gif HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 730

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=

Request Chain 731

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1 HTTP 302
https://ap.lijit.com/dsp/google/reporting?gdpr=1

Request Chain 734

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7

Request Chain 739

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=

Request Chain 740

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d

Request Chain 741

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d

Request Chain 742

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d

Request Chain 743

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d

Request Chain 744

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d

Request Chain 746

https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=869ee2c3-6544-0a13-1c55-d7ca35774687

Request Chain 749

https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid= HTTP 302
https://sync.teads.tv/um?eid=64&uid=f91b4fb4-d354-084c-1db0-c9b0c35c8785

Request Chain 751

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=14b769f4-2973-88ec-accc-745ba22a8c53 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=14b769f4-2973-88ec-accc-745ba22a8c53&dcc=t

Request Chain 760

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2

Request Chain 761

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4516161979 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4516161979 HTTP 302
https://sync.1rx.io/usersync/tradedesk/151fa5dd-6740-4acd-938a-1d3baf788e8c HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003

Request Chain 762

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=H4fsR0PnWvmU&ev=1&pid=558355

Request Chain 763

https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=

Request Chain 770

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YNikGMCo5soAAKkMDCoAAAAA

Request Chain 771

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1871597496198972629

Request Chain 772

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum

771 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/ 123 KB
40 KB 1727ms
1607ms Document
text/html 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

HTTP/1.1

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

Sucuri/Cloudproxy /

Resource Hash

8d91995862fb6bfce55aeed1035c54c4e2f4c83eb0cfb01df6d711aa7d0e7ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: babesinhairland.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Sucuri/Cloudproxy
Date: Sun, 27 Jun 2021 16:15:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sucuri-ID: 19026
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Link: <https://babesinhairland.com/wp-json/>; rel="https://api.w.org/", <https://babesinhairland.com/wp-json/wp/v2/posts/13787>; rel="alternate"; type="application/json", <https://babesinhairland.com/?p=13787>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Referrer-Policy
X-Sucuri-Cache: EXPIRED

GET
H2

200

cv.css
babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.1
https://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.1

76 KB
16 KB

60ms
20ms

Stylesheet
text/css

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.1

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

7a8fee0a8096e3de089202f91f26ec7a5fdf7aa08106b35a8e5bc39fbcd978c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 15501
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 16 Mar 2021 03:03:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.1
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 333
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

sbi-styles.min.css
babesinhairland.com/wp-content/plugins/instagram-feed/css/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1
https://babesinhairland.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1

16 KB
4 KB

20ms
20ms

Stylesheet
text/css

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3978
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 20 May 2021 18:35:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 302
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

style.css
babesinhairland.com/wp-content/themes/restored316-divine/
Redirect Chain

http://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4
https://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4

58 KB
17 KB

91ms
51ms

Stylesheet
text/css

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

393e660d33c8d0ae580f2d9029cf6f412c556de3a876e6544cdd3c916898dded

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16682
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 14 Sep 2017 01:49:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 292
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

style.min.css
babesinhairland.com/wp-includes/css/dist/block-library/
Redirect Chain

http://babesinhairland.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
https://babesinhairland.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2

57 KB
12 KB

73ms
34ms

Stylesheet
text/css

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 11763
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 15 Apr 2021 10:46:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 294
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

client.css
babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/css/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6
https://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6

2 KB
1 KB

20ms
19ms

Stylesheet
text/css

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 686
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 14 Oct 2020 20:29:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 311
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
Redirect Chain

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.7.2
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.7.2

23 KB
6 KB

36ms
21ms

Stylesheet
text/css

2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.7.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 4590474
cdn-cachedat: 2021-05-05 14:56:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aefd9eb1b00001776ae3ea000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e9b67703255eb7bbe071bc1ab7351f16
cf-ray: 665ff8f1cdc31776-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.7.2
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK css
fonts.googleapis.com/ 9 KB
1 KB 18ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Playfair+Display%7CLato%3A400%2C400italic%2C700%2C700italic%7CSource+Serif+Pro%7COswald%3A300%2C400&ver=5.7.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fab481879e9b2ea0d82718242d3da2c28f577d2af05c643aeae8e75e8647b9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 27 Jun 2021 16:15:09 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Sun, 27 Jun 2021 16:15:09 GMT

GET
H2

200

dashicons.min.css
babesinhairland.com/wp-includes/css/
Redirect Chain

http://babesinhairland.com/wp-includes/css/dashicons.min.css?ver=5.7.2
https://babesinhairland.com/wp-includes/css/dashicons.min.css?ver=5.7.2

58 KB
35 KB

60ms
38ms

Stylesheet
text/css

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-includes/css/dashicons.min.css?ver=5.7.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 15 Apr 2021 10:46:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-includes/css/dashicons.min.css?ver=5.7.2
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 279
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

style.css
babesinhairland.com/wp-content/plugins/simple-social-icons/css/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2
https://babesinhairland.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2

1 KB
837 B

53ms
31ms

Stylesheet
text/css

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 447
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 21 Apr 2020 18:29:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 298
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

styles_thumbnails.css
babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/styles_thumbnails.css?ver=5.22.0
https://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/styles_thumbnails.css?ver=5.22.0

517 B
613 B

56ms
35ms

Stylesheet
text/css

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/styles_thumbnails.css?ver=5.22.0

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

9c9e475d04f59873b52fb2512dfc901f441628235b82f9ed6a3e43b6ff360a82

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 223
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 26 May 2021 18:26:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/styles_thumbnails.css?ver=5.22.0
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 326
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

ytprefs.min.css
babesinhairland.com/wp-content/plugins/youtube-embed-plus/styles/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.2
https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.2

6 KB
2 KB

53ms
49ms

Stylesheet
text/css

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1680
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 16 Mar 2021 03:03:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.2
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 307
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

jquery.min.js Show response
babesinhairland.com/wp-includes/js/jquery/
Redirect Chain

http://babesinhairland.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
https://babesinhairland.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

87 KB
39 KB

60ms
56ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 16 Dec 2020 16:27:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 281
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

jquery-migrate.min.js Show response
babesinhairland.com/wp-includes/js/jquery/
Redirect Chain

http://babesinhairland.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
https://babesinhairland.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

11 KB
5 KB

57ms
54ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4618
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 16 Dec 2020 16:27:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 289
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK st_insights.js Show response
w.sharethis.com/button/ 26 KB
8 KB 32ms
16ms Script
application/javascript 2600:9000:2104:8c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: HTTP/1.1
Server: 2600:9000:2104:8c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f8284365ba340253ee9c71cfb5efcc37f10a23e8b8b5dd134ec7bbab05073845

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 07:42:40 GMT
Content-Encoding: gzip
Age: 30749
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7567
Server: nginx/1.16.1
ETag: W/"60256fd5-676f"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
Cache-Control: max-age=259200
X-Amz-Cf-Pop: AMS1-C1
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: -_hfr_hUuUuvQwn3CkCyQGrkrqmnYsPzNR9aRFHc3ONQ1y8vUMCV1g==
Expires: Wed, 30 Jun 2021 07:42:40 GMT

GET
H2

200

responsive-menu.js Show response
babesinhairland.com/wp-content/themes/restored316-divine/js/
Redirect Chain

http://babesinhairland.com/wp-content/themes/restored316-divine/js/responsive-menu.js?ver=1.0.0
https://babesinhairland.com/wp-content/themes/restored316-divine/js/responsive-menu.js?ver=1.0.0

881 B
741 B

47ms
47ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/themes/restored316-divine/js/responsive-menu.js?ver=1.0.0

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

caf9ba0c928dfb166f5f2adea37b154ead7462478f787e1e53ceeda27ae705e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 341
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 27 Feb 2017 17:08:29 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/themes/restored316-divine/js/responsive-menu.js?ver=1.0.0
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 304
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

svgxuse.js Show response
babesinhairland.com/wp-content/plugins/simple-social-icons/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21
https://babesinhairland.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21

9 KB
3 KB

48ms
47ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

860e4b944663ab48a4929f7f995379090822e06521ab6321612490be84de42fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2742
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 21 Apr 2020 18:29:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 296
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

ytprefs.min.js Show response
babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2
https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2

10 KB
4 KB

48ms
48ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

ddda47b049ec774960fe39b5c0fca40c15abf80158daec17c8e29146d1d1c31e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3915
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 16 Mar 2021 03:03:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 307
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 17a629-baa3-4516-93c8-2f929a29d754.js Show response
monu.delivery/site/7/5/ 515 KB
141 KB 138ms
124ms Script
application/javascript 2600:1901:0:333a::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: HTTP/1.1
Server: 2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 429b80a45d2956c684096828b42a23397a043560a715efd33235abb25d21ea57

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Age: 0
Transfer-Encoding: chunked
X-Cache: MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Last-Modified: Fri, 25 Jun 2021 17:09:51 GMT
Server: nginx
Vary: Accept-Encoding
x-goog-hash: crc32c=Yfd7lg==, md5=mFk7hAbDSFDzFBAKfmL4bA==
x-goog-generation: 1624640991720835
Via: 1.1 google
Cache-Control: max-age=7200
x-goog-stored-content-length: 527729
X-GUploader-UploadID: ADPycdvPK5hxWRSWibPUC9q2g8KZF6wS-YumSyb2Xpe4lW5FjayWTm9XbBN8xdQo4fDaoIM8a5OawDx-1kN3bkwNHSkGt3sytA
Expires: Sun, 27 Jun 2021 18:15:09 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99fca8368b4c30000d57b8bd52eaeda6861af2404215bba179834621ec6b83e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +nMHgPsg5UWe98V0i6KtFg==
cross-origin-resource-policy: cross-origin
expires: Sun, 27 Jun 2021 16:18:02 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: gh3ITu56/Rlhh0RXh+hN7fSuE6lavEfvLOCZUCGgu7WV9gn625q33zPgz2zDkfKr3Je6kd/Mc9qp7pxH6pOYqA==
x-fb-trip-id: 2050670934
x-fb-content-md5: 8b622416475275d5c2dd47950a787e83
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Sun, 27 Jun 2021 16:15:09 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "bae436993097476ec18e071cc6e9694b"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6
Non-Authoritative-Reason: HSTS

GET
H2

200

wp-emoji-release.min.js Show response
babesinhairland.com/wp-includes/js/
Redirect Chain

http://babesinhairland.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
https://babesinhairland.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2

14 KB
5 KB

18ms
18ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4942
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 03 Feb 2021 22:54:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 284
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

profile.png
babesinhairland.com/wp-content/uploads/
Redirect Chain

http://babesinhairland.com/wp-content/uploads/profile.png
https://babesinhairland.com/wp-content/uploads/profile.png

197 KB
198 KB

35ms
35ms

Image
image/png

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/profile.png

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

80519b748f4b8535d7d0be4f67ff397bfadf10580f2fabd6eb79fbc608565159

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 202186
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 27 Feb 2017 19:43:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/uploads/profile.png
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 266
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

YourAdHere3ab.jpg
babesinhairland.com/wp-content/uploads/
Redirect Chain

http://babesinhairland.com/wp-content/uploads/YourAdHere3ab.jpg
https://babesinhairland.com/wp-content/uploads/YourAdHere3ab.jpg

29 KB
30 KB

54ms
54ms

Image
image/jpeg

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/YourAdHere3ab.jpg

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

01bc53d4891be400d81d52d44a82d21ae53beb7ed6c50c2df137d8a06aeb9bb8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 30075
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 02 Mar 2017 04:53:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/uploads/YourAdHere3ab.jpg
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 272
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

BOMB-ad-300x250JPG-1.jpg
babesinhairland.com/wp-content/uploads/
Redirect Chain

http://babesinhairland.com/wp-content/uploads/BOMB-ad-300x250JPG-1.jpg
https://babesinhairland.com/wp-content/uploads/BOMB-ad-300x250JPG-1.jpg

59 KB
59 KB

54ms
54ms

Image
image/jpeg

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/BOMB-ad-300x250JPG-1.jpg

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

3dfe97f4a77c2c40074e1ba976547598ef1bc1f336d67b35217f68cc729b378a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 59932
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 08 Oct 2018 19:53:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/uploads/BOMB-ad-300x250JPG-1.jpg
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 279
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

ChildrenWHairLossAd100x300.jpg
babesinhairland.com/wp-content/uploads/
Redirect Chain

http://babesinhairland.com/wp-content/uploads/ChildrenWHairLossAd100x300.jpg
https://babesinhairland.com/wp-content/uploads/ChildrenWHairLossAd100x300.jpg

30 KB
31 KB

54ms
54ms

Image
image/jpeg

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/ChildrenWHairLossAd100x300.jpg

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

859a299f6ba1ab8b2f235363828f6f3185e86505e12183832acb764b3ac0029c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 31208
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 05 Jan 2016 19:28:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/uploads/ChildrenWHairLossAd100x300.jpg
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 285
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 babesinhairlandblog.jpg
babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/ 6 KB
7 KB 20ms
18ms Image
image/jpeg 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/babesinhairlandblog.jpg

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

924f2fb8066b66f4c163d433908df4c2c997250c5146d8a210c917b3e334206f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6326
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 19 May 2020 20:23:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

placeholder.png
babesinhairland.com/wp-content/plugins/instagram-feed/img/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/instagram-feed/img/placeholder.png
https://babesinhairland.com/wp-content/plugins/instagram-feed/img/placeholder.png

176 B
532 B

18ms
18ms

Image
image/png

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/plugins/instagram-feed/img/placeholder.png

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 176
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 20 May 2021 18:35:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/instagram-feed/img/placeholder.png
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 289
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

pinit.js Show response
assets.pinterest.com/js/
Redirect Chain

http://assets.pinterest.com/js/pinit.js
https://assets.pinterest.com/js/pinit.js

361 B
431 B

22ms
6ms

Script
application/javascript

2a02:26f0:6c00:2a7::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=195
accept-ranges: bytes
content-length: 203
access-control-expose-headers: X-CDN

Redirect headers

Location: https://assets.pinterest.com/js/pinit.js
Non-Authoritative-Reason: HSTS

GET
H2

200

ssba.css
babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/css/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=5.7.2
https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=5.7.2

122 KB
21 KB

44ms
43ms

Stylesheet
text/css

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=5.7.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 06 Jan 2021 18:50:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=5.7.2
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 304
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

related.css
babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.22.0
https://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.22.0

495 B
674 B

43ms
43ms

Stylesheet
text/css

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.22.0

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

a48e3091c3e26309f1329bb7ee2812cf158deb93cd80fe6439e53e8d57e58d3d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 284
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 26 May 2021 18:26:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=5.22.0
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 316
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

cv.js Show response
babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.1
https://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.1

23 KB
9 KB

18ms
18ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.1

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

8be3ffe5523bec1b0c3336590a969ba5a8a9e93d879558ffe7157f17f248ecbf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 8892
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 16 Mar 2021 03:03:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.1
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 331
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

jpibfi.client.js Show response
babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/js/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6
https://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6

14 KB
6 KB

39ms
38ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6001
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 14 Oct 2020 20:29:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 316
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

ssba.js Show response
babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/js/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.7.2
https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.7.2

2 KB
1 KB

39ms
39ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.7.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 864
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 06 Jan 2021 18:50:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.7.2
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 302
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

fitvids.min.js Show response
babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.2
https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.2

3 KB
1 KB

39ms
38ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1050
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 16 Mar 2021 03:03:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.2
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 307
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

wp-embed.min.js Show response
babesinhairland.com/wp-includes/js/
Redirect Chain

http://babesinhairland.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
https://babesinhairland.com/wp-includes/js/wp-embed.min.js?ver=5.7.2

1 KB
1 KB

18ms
18ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-includes/js/wp-embed.min.js?ver=5.7.2

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 777
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 03 Feb 2021 22:54:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 276
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

sbi-scripts.min.js Show response
babesinhairland.com/wp-content/plugins/instagram-feed/js/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9.1
https://babesinhairland.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9.1

25 KB
10 KB

18ms
18ms

Script
application/javascript

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://babesinhairland.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9.1

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

2717481d28d98b22e3277c45a2a0529b5044aef42d8f262ca7e11e73240c563d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 9333
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 20 May 2021 18:35:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9.1
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 301
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cc_af.js Show response
tags.crwdcntrl.net/c/13511/ 37 KB
11 KB 67ms
25ms Script
application/json 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13511/cc_af.js
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35c73f9c2955390a1ff1e4caf89302da9fd3759caac58aeab47491f238c2e8d6

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Jun 2021 20:12:31 GMT
content-encoding: gzip
etag: W/"2c5bd072799166d50f4c55655290d1e4"
last-modified: Fri, 24 Apr 2020 15:00:16 GMT
server: AmazonS3
age: 72171
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: h59ZtGgLSFPK2q3IPF9zYjFxVCc_SZ-EaDRF1jtpGXlDmP3amjctZQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 2604
date: Sun, 27 Jun 2021 15:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sun, 27 Jun 2021 17:31:45 GMT

GET

symbol-defs.svg
babesinhairland.com/wp-content/plugins/simple-social-icons/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
https://babesinhairland.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

0
0

GET
H2

200

header.png
babesinhairland.com/wp-content/uploads/
Redirect Chain

http://babesinhairland.com/wp-content/uploads/header.png
https://babesinhairland.com/wp-content/uploads/header.png

28 KB
28 KB

72ms
72ms

Image
image/png

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/header.png

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

767a2699978d5f976aad931075245e00e525bb26cbc9699148f0ee81791b628f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 28666
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 27 Feb 2017 17:05:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/uploads/header.png
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 265
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 23 KB
24 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Playfair+Display%7CLato%3A400%2C400italic%2C700%2C700italic%7CSource+Serif+Pro%7COswald%3A300%2C400&ver=5.7.2

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://babesinhairland.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 13:47:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Jan 2021 20:31:25 GMT
Server: sffe
Age: 440844
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 24052
X-XSS-Protection: 0
Expires: Wed, 22 Jun 2022 13:47:45 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Origin: http://babesinhairland.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 28 KB
28 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Playfair+Display%7CLato%3A400%2C400italic%2C700%2C700italic%7CSource+Serif+Pro%7COswald%3A300%2C400&ver=5.7.2

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5348e4d76366efc13f2bcb5a5ce138e581e90d570a09d0ec66a8cab4920be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://babesinhairland.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 12:30:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Jan 2021 20:30:38 GMT
Server: sffe
Age: 445503
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 28568
X-XSS-Protection: 0
Expires: Wed, 22 Jun 2022 12:30:06 GMT

GET
H2 200 PicMonkey-Image3-768x1088.jpg
babesinhairland.com/wp-content/uploads/ 128 KB
129 KB 612ms
611ms Image
image/jpeg 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/PicMonkey-Image3-768x1088.jpg

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

cd40be7044447066cdf5b56767a13f3d75fbf041f82af86ed584b743556e5df6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 131505
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 16 May 2017 20:56:49 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG_6712_edited-1a-380x501.jpg
babesinhairland.com/wp-content/uploads/ 30 KB
31 KB 612ms
610ms Image
image/jpeg 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/IMG_6712_edited-1a-380x501.jpg

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

b73c021e58f6dd7800ef1baea88cf7d6884c8caa55448c9d2fa20acbac866d3e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 30976
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 16 May 2017 21:05:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET ir
ir-na.amazon-adsystem.com/e/ 0
0

GET
H2

200

Screen-Shot-2017-05-16-at-10.04.47-AM.png
babesinhairland.com/wp-content/uploads/
Redirect Chain

http://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.04.47-AM.png
https://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.04.47-AM.png

157 KB
157 KB

18ms
18ms

Image
image/png

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.04.47-AM.png

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

5e3ba50735e39b68f1b1fee83e1925282766044ea5d671b764ed4a1dc04489b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 160409
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 16 May 2017 16:22:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.04.47-AM.png
X-Sucuri-Cache: MISS
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 296
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET ir
ir-na.amazon-adsystem.com/e/ 0
0

GET
H2 200 PicMonkey-Collage-380x380.jpg
babesinhairland.com/wp-content/uploads/ 15 KB
15 KB 611ms
610ms Image
image/jpeg 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/PicMonkey-Collage-380x380.jpg

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

19bcc24c9bbfc76a64d4578491ebf057cba9fff8d6fa566e027832a5ee91b913

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 15390
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 16 May 2017 16:34:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET ir
ir-na.amazon-adsystem.com/e/ 0
0

GET
H2

200

Screen-Shot-2017-05-16-at-10.07.32-AM.png
babesinhairland.com/wp-content/uploads/
Redirect Chain

http://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.07.32-AM.png
https://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.07.32-AM.png

94 KB
94 KB

18ms
18ms

Image
image/png

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.07.32-AM.png

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

b86d04082bc03dd77a69851d3ee615b51b0ae6b0f0765c18b26bb3ef4d7f1ee1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 95909
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 16 May 2017 16:22:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/uploads/Screen-Shot-2017-05-16-at-10.07.32-AM.png
X-Sucuri-Cache: MISS
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 296
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 0BF1 2 KB
1 KB 46ms
14ms Document
text/html 2600:9000:2104:5200:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5200:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Sun, 27 Jun 2021 16:14:33 GMT
etag: W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: HmNN7hmR3X5qlPOsW2yqCyyxFX0cgB_FM3gKNMw9exKjvaaOttLGLQ==
age: 36

GET
H2 200 icon-search.png
babesinhairland.com/wp-content/themes/restored316-divine/images/ 1 KB
2 KB 39ms
38ms Image
image/png 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/themes/restored316-divine/images/icon-search.png

Requested by

Host: babesinhairland.com
URL: https://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

c799c70d3cae050e7292913344ed2b50f1646d2c30b82cf7a8d94497450ef587

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1238
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 27 Feb 2017 17:08:29 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1381641459&t=pageview&_s=1&dl=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ul=en-us&de=UTF-8&dt=How%20to%20Care%20for%20Your%20Daughter%27s%20Curly%20Hair%20-%20Tips%2C%20Tricks%20%26%20Advice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2065726215&gjid=1475509500&cid=251415359.1624810510&tid=UA-30849097-1&_gid=648294116.1624810510&_r=1&_slc=1&z=233969423

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://babesinhairland.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 247 KB
73 KB 13ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=09226164f3b741689214eaaca51bb903

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35576be509080878428d8e25359c712735a23db97d00e98848c79335f60d0278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://babesinhairland.com
Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: uV6S+O5JaXo7gklhwyzwlQ==
cross-origin-resource-policy: cross-origin
expires: Mon, 27 Jun 2022 14:39:48 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74749
x-fb-rlafr: 0
x-fb-debug: MJMss/52xQC8Tyizlm15PAWeyeOoxHoC9aiyK50o9Hwj8AvKgVLIWof7EHkHKoSjdF9gsO7fbUXyxjaoPx3GJg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: c429cc243321fe12a2abaa733bb711be
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 27 Jun 2021 16:15:09 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "617647a3bc5f1ed428d2e10b07f0a83a"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET

ssbp.woff
babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/ssbp.woff?xj3ol1
https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/ssbp.woff?xj3ol1

0
0

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
340 B 99ms
25ms XHR
text/plain 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1624810509322.17347&hostname=babesinhairland.com&location=%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=263&consent_duration=263&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&title=How%20to%20Care%20for%20Your%20Daughter%27s%20Curly%20Hair%20-%20Tips%2C%20Tricks%20%26%20Advice&sop=false&description=Stop%20struggling%20with%20those%20curls.%20Find%20out%20how%20to%20care%20for%20your%20daughter%27s%20curly%20hair%20(or%20your%20curls)%20with%20tips%2C%20tricks%2C%20and%20advice%20from%20other%20curly%20girls!
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 68 KB
19 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2a7::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.7464435467668493
Requested by: Host: assets.pinterest.com
URL: http://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "2424d1362506bd5cb853b5162df0158b"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=260
accept-ranges: bytes
content-length: 18804
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
widgets.pinterest.com/v3/pidgets/users/babesinhairland/pins/ 67 KB
9 KB 418ms
341ms Script
application/javascript 151.101.132.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v3/pidgets/users/babesinhairland/pins/?sub=www&callback=PIN_1624810509668.f.callback[0]

Requested by

Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit_main.js?0.7464435467668493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.132.84 Madrid, Spain, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3fb10f8a991455ca0b954e257f094e8193b90ff67e2bc89c19a43751e8ba72e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-pinterest-sli-response-type: success
content-encoding: gzip
x-content-type-options: nosniff
pinterest-version: aeab49a
date: Sun, 27 Jun 2021 16:15:10 GMT
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
pinterest-generated-by: coreapp-ngwidgets-prod-0a01c465
x-pinterest-direct: true
x-envoy-upstream-service-time: 212
accept-ranges: bytes
vary: Accept-Encoding
x-pinterest-rid: 4604442158916689

GET

ssbp.ttf
babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/ssbp.ttf?xj3ol1
https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/ssbp.ttf?xj3ol1

0
0

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 256ms
256ms Image
text/plain 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1624810509322.17347&hostname=babesinhairland.com&location=%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=263&consent_duration=263&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&title=How%20to%20Care%20for%20Your%20Daughter%27s%20Curly%20Hair%20-%20Tips%2C%20Tricks%20%26%20Advice&sop=false&description=Stop%20struggling%20with%20those%20curls.%20Find%20out%20how%20to%20care%20for%20your%20daughter%27s%20curly%20hair%20(or%20your%20curls)%20with%20tips%2C%20tricks%2C%20and%20advice%20from%20other%20curly%20girls!&gdpr_domain=.consensu.org&gdpr_method=cookie&description=Stop%20struggling%20with%20those%20curls.%20Find%20out%20how%20to%20care%20for%20your%20daughter%27s%20curly%20hair%20(or%20your%20curls)%20with%20tips%2C%20tricks%2C%20and%20advice%20from%20other%20curly%20girls!&img_pview=true
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2

200

ats.js Show response
ats.rlcdn.com/
Redirect Chain

http://ats.rlcdn.com/ats.js
https://ats.rlcdn.com/ats.js

184 KB
60 KB

72ms
29ms

Script
application/x-javascript

65.9.77.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KFvtQEF49ZQSVuqNgx9QL0DaILhmyKFe
content-encoding: gzip
etag: W/"535a44cb49d4769cf9ec82fbcba860c8"
last-modified: Fri, 11 Jun 2021 10:13:39 GMT
server: AmazonS3
age: 47323
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
date: Sun, 27 Jun 2021 03:40:14 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: YeI8Uek_E21ozg5p6jfrG_8Xh7tyl74mW1zr-H7yu31HqPdd9I2w0g==

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
Via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: AMS1-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://ats.rlcdn.com/ats.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: 0wfVFs3xhnUwum6nLY2aqePeTwFzAIfS0qN9Ovqj2sHrin-d-NeDhA==

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 393 KB
70 KB 50ms
31ms Script
text/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76a07adcb6d4d762c8c401ca6e79d13e21310e902c60d20765d7c553715cd202

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:08 GMT
Content-Encoding: gzip
Age: 3166
X-Cache: HIT
Connection: keep-alive
Content-Length: 70949
x-amz-id-2: csgcuBc0MP8hz3xDVRadhxFlNbA2bJ+qI/SsriUGUoigmgaGG2iYiBnZR9NjvFQImBk/MeqH4Kk=
X-Served-By: cache-fra19144-FRA
Last-Modified: Sun, 27 Jun 2021 14:36:08 GMT
Server: AmazonS3
X-Timer: S1624810509.885745,VS0,VE0
ETag: "bc05feae9a072304c0c044be2e14da6d"
x-amz-request-id: BWACN1QFJ1PYTGVK
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 45

GET
H/1.1 200
OK xdomain_cookie.min.js Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 5 KB
2 KB 107ms
107ms Script
application/javascript 2600:1901:0:333a::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Age: 2042
Transfer-Encoding: chunked
X-Cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Last-Modified: Tue, 25 Aug 2020 07:36:03 GMT
Server: nginx
Vary: Accept-Encoding
x-goog-hash: crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
x-goog-generation: 1598340963244234
Via: 1.1 google
Cache-Control: max-age=31104000, public
x-goog-stored-content-length: 4733
X-GUploader-UploadID: ABg5-Ux2gEGrm1DFNt1pK-xZXYc3xlRZC9oAXgi76x6y9YrEnPmOtUd-43ZOdg6jd8-mKytZ3FI_KKfnlo_BKHoz-SMo2tmFsQ
Expires: Wed, 22 Jun 2022 16:15:09 GMT

GET
H2

200

services.js Show response
js.gumgum.com/
Redirect Chain

http://js.gumgum.com/services.js
https://js.gumgum.com/services.js

98 KB
37 KB

249ms
207ms

Script
application/javascript

65.9.77.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33645f814144ba5aecb4a3750ae619fbcddecaf7fbfb4c4cf842ff10d20cb0d7

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NBi2rtU1MwEhlev02NzmyDSqT3g0OAU8
content-encoding: gzip
x-amz-meta-timing-allow-origin: *
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: W/"bbe01470b27ed1ec978dc238cd307f2e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
cache-control: max-age=31536000
date: Sun, 27 Jun 2021 16:15:11 GMT
last-modified: Wed, 16 Jun 2021 17:35:44 GMT
x-amz-meta-access-control-allow-origin: *
x-amz-cf-id: 2uhy0wM_eMBbtAq3Do8KQg_YXSHs-ckclYl10df-8s3sJbm5RSpRRg==

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
Via: 1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: AMS1-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://js.gumgum.com/services.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: uExMIk_nOOIblQyLCbYo5_JtcBXBartXYmKZY2XjqTWnvka_HEeERg==

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 39ms
24ms Script
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 10:14:08 GMT
Content-Encoding: gzip
Age: 21660
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Timing-Allow-Origin: *
Server: Server
ETag: c457e964d47ff007ca9e04843536c474
x-amz-version-id: SOzAdyP7.FQsxAjkeGom0RVGr_hQgEwt
Via: 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: jNULvt8PEdENOi6yMEPxuuVdBNjgw3-3mJLEzVr9huRX-Kg9eGRuEA==

GET
H/1.1 200
OK 182762-63174106385307.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 455ms
439ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Jun 2021 16:11:25 GMT
Server: Apache
ETag: "da152f-930a-5c5c19fe61d25"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Sun, 27 Jun 2021 17:15:10 GMT

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

67 KB
24 KB

90ms
32ms

Script
text/javascript

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

2e91afe0acc19cf30de860e2b21400bac60d148e2c298a4acc67c95f27d29a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "914 / 433 of 1000 / last-modified: 1624659045"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23677
x-xss-protection: 0
expires: Sun, 27 Jun 2021 16:15:10 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:09:41 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 328
Content-Type: text/html; charset=UTF-8
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control: public, max-age=1800
Content-Length: 249
X-XSS-Protection: 0
Expires: Sun, 27 Jun 2021 16:39:41 GMT

GET 1f384.svg
s.w.org/images/core/emoji/13.0.1/svg/ 0
0

GET 1f332.svg
s.w.org/images/core/emoji/13.0.1/svg/ 0
0

GET
H2 200 76860594_185976749119410_7106986666272221396_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/ 191 KB
192 KB 373ms
124ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/76860594_185976749119410_7106986666272221396_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=ovjVvVnjPNsAX919f6D&_nc_ht=scontent-dfw5-2.cdninstagram.com&oh=b65aba4005c4c96187ba9c2a1d2ea413&oe=60DCB4F3
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e5dc31e395e9ba0e7a32323c76212a27ca6321dc0e78c2f7e0e504d8de1ef010

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2607863195
date: Sun, 27 Jun 2021 16:15:10 GMT
x-fb-trip-id: 1984883670
last-modified: Wed, 25 Dec 2019 16:05:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3526400071
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 195913

GET
H2 200 78795352_1426706324159316_426875193349088390_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/ 185 KB
185 KB 366ms
125ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/78795352_1426706324159316_426875193349088390_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=N3o6LiyV6P8AX_cKph7&_nc_ht=scontent-dfw5-2.cdninstagram.com&oh=bdd606a83164619b5cf388b02b9b5b35&oe=60DE1B55
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 37eee3142be6be85225cd65f4f91bc594881b692aba3f39dfdbb8f8de8624515

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 811554697
date: Sun, 27 Jun 2021 16:15:10 GMT
x-fb-trip-id: 1984883670
last-modified: Tue, 24 Dec 2019 20:20:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1565735123
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 189658

GET
H2 200 79951002_507654169879202_1773215499231922356_n.jpg
scontent-dfw5-1.cdninstagram.com/v/t51.2885-15/ 153 KB
154 KB 382ms
125ms Image
image/jpeg 2a03:2880:f234:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-1.cdninstagram.com/v/t51.2885-15/79951002_507654169879202_1773215499231922356_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=a4owWkAlLvoAX8p2orf&_nc_ht=scontent-dfw5-1.cdninstagram.com&oh=b96f4f98f3bc00fb538d3137b6b7db72&oe=60DD11D0
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d5be1cf7ed69b3f27646a39b4e8c9afac4a13ce6fbedf33404a3e969d24e798

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 234075956
date: Sun, 27 Jun 2021 16:15:10 GMT
x-fb-trip-id: 1984883670
last-modified: Mon, 23 Dec 2019 17:10:01 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4117004544
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 157174

GET
H2 200 77432716_168415114259691_7809923488106798953_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/ 225 KB
225 KB 235ms
125ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/77432716_168415114259691_7809923488106798953_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=rL6Lei0zBccAX_iKs-O&_nc_ht=scontent-dfw5-2.cdninstagram.com&oh=049c3395732ccbf572acf11ddfab1e40&oe=60DDDE75
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1a92bb208274251f43fc39719410f29d4639a29d416b9d27c8083306f05f8e7a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 621381636
date: Sun, 27 Jun 2021 16:15:10 GMT
x-fb-trip-id: 1984883670
last-modified: Mon, 16 Dec 2019 21:46:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2616209537
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 230390

GET
H2 200 74601364_174627057021249_1641997034062104669_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/ 52 KB
52 KB 151ms
125ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/74601364_174627057021249_1641997034062104669_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=JgVsU7frPyYAX8ea0fs&_nc_ht=scontent-dfw5-2.cdninstagram.com&oh=42dcd657f52aad17bc87756650040a73&oe=60DC8FD9
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 260212e0acb13706f031e2f619aca9771b9904765989b8e48f3455aeefb9691f

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 4268180600
date: Sun, 27 Jun 2021 16:15:10 GMT
x-fb-trip-id: 1984883670
last-modified: Wed, 27 Nov 2019 23:46:16 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 563856012
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 53492

GET
H2 200 74531930_479537676307631_8407627592128265781_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/ 148 KB
148 KB 365ms
365ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/74531930_479537676307631_8407627592128265781_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=ifYelAqPqYkAX-Lo_EM&_nc_oc=AQn-_8-TLIKBht-w33OjTygFP7u7uFxXTagr-U6cveqGN-xr47ZDAbr1PjWloOq69EQ&_nc_ht=scontent-dfw5-2.cdninstagram.com&oh=f71573bca44203746b00032d848143e3&oe=60DDAB1D
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b68a57ef12aa892428ab8cddf579df161ffdcf3ce08d043e722389bb822b413f

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3614668999
date: Sun, 27 Jun 2021 16:15:10 GMT
x-fb-trip-id: 1984883670
last-modified: Mon, 25 Nov 2019 20:15:22 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1176716696
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 151791

GET
H2 200 72575443_569209330288837_5557142559230859461_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/ 144 KB
144 KB 365ms
364ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/72575443_569209330288837_5557142559230859461_n.jpg?_nc_cat=102&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=WqISDDD0cLAAX8pr9Ve&_nc_ht=scontent-dfw5-2.cdninstagram.com&oh=cef1ef7fdf4f8e06976d6261aab2fc31&oe=60DE8853
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 78d00d28d5e9614aabd17c85e08b0f3048d26bdc9d263fd503bf78a470d393cb

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 178086623
date: Sun, 27 Jun 2021 16:15:10 GMT
x-fb-trip-id: 1984883670
last-modified: Fri, 08 Nov 2019 02:37:51 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3099942208
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 147721

GET
H2 200 74611878_494760484453465_4282114128014529382_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/ 477 KB
477 KB 365ms
365ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/74611878_494760484453465_4282114128014529382_n.jpg?_nc_cat=104&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=2Qg8dP2DPgkAX--eK4X&_nc_ht=scontent-dfw5-2.cdninstagram.com&oh=db1dabae3011e610d3b9b1e8593ae53a&oe=60DDC463
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 179e097e74eb709f774a541e8d199490ef290f650264b14ecddf6b1a090da2be

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3628147049
date: Sun, 27 Jun 2021 16:15:10 GMT
x-fb-trip-id: 1984883670
last-modified: Tue, 29 Oct 2019 23:09:43 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4279752291
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 488464

GET
H2 200 70523040_754375591681571_3568500529940775419_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/ 337 KB
337 KB 366ms
365ms Image
image/jpeg 2a03:2880:f234:1c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/70523040_754375591681571_3568500529940775419_n.jpg?_nc_cat=107&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=Xf-hEy-d8pYAX_941AC&_nc_ht=scontent-dfw5-2.cdninstagram.com&oh=e422ee39c366243b46c782d20e2bc0df&oe=60DDC4C0
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:1c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6b2e634aa420c8d558ab6fc13942c11617f3e834464e28a2a2737c2ae3ac5335

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 383379063
date: Sun, 27 Jun 2021 16:15:10 GMT
x-fb-trip-id: 1984883670
last-modified: Tue, 08 Oct 2019 20:53:09 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4121644722
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 345230

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202106181457/ 164 KB
52 KB 23ms
22ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://confiant-integrations.global.ssl.fastly.net/gpt/202106181457/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3efe24ee7ab5d24740d7d930448575fe7c48e2596016736947cf303e97510bca

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
Content-Encoding: gzip
Age: 362
X-Cache: HIT
Connection: keep-alive
Content-Length: 53094
x-amz-id-2: iWcjgK/xyv8Fc1enRZ0wtowmAFpbKXuY59Ods8+akUfKH6wTZSXcku+c5GBoENk7nk3TB48gPQw=
X-Served-By: cache-fra19144-FRA
Last-Modified: Fri, 18 Jun 2021 19:00:51 GMT
Server: AmazonS3
X-Timer: S1624810510.521053,VS0,VE0
ETag: "68dd9189d524766bd29ca0b23e2f1aa3"
x-amz-request-id: QBSFGTYXCB5K8V2F
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 169

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202106181457/ 90 KB
30 KB 23ms
22ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://confiant-integrations.global.ssl.fastly.net/prebid/202106181457/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5e9645a277b6522f623130a70519cc50790466ea096e9b81f36a0f0f73e0d62

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
Content-Encoding: gzip
Age: 474
X-Cache: HIT
Connection: keep-alive
Content-Length: 29631
x-amz-id-2: RN9GLwgEqBrOkHF0+Zkh1zYGQPGC41Nu4bbZXOHJH+qKkQTY7yLFjb0FNVSj2ux45jl6xSsdS68=
X-Served-By: cache-fra19144-FRA
Last-Modified: Fri, 18 Jun 2021 19:00:53 GMT
Server: AmazonS3
X-Timer: S1624810510.551036,VS0,VE0
ETag: "9e7204ffee955212a808adbbbb12257c"
x-amz-request-id: XDAQA3XN94K033XJ
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 286

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 58ms
44ms XHR
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
Content-Encoding: gzip
ETag: W/"a4d296427fc806b21335359e398c025c"
Age: 24524
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 07 Apr 2021 05:49:36 GMT
Server: AmazonS3
Date: Sun, 27 Jun 2021 09:26:27 GMT
Vary: Origin
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb7.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: zeus4hDmubaF3ObhnBOPk7VSXY_XDdQ9MYFho0QLODcvajMq8ka_Xg==

GET
H/1.1 200
OK xdomain_cookie.html Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 7B94 3 KB
2 KB 102ms
102ms Document
text/html 2600:1901:0:333a::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by: Host: monu.delivery
URL: http://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol: HTTP/1.1
Server: 2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Host: monu.delivery
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://babesinhairland.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-GUploader-UploadID: ABg5-UwIDE7hjHvJfV9n7r8bOu69APEWW76BRFQAspABrgbfAS_aJD1MF860znicqBMCKIpOV-Ppdh_1VkmD9wsiG-i1IX9yjQ
Expires: Wed, 22 Jun 2022 16:15:10 GMT
Last-Modified: Tue, 25 Aug 2020 07:36:09 GMT
x-goog-generation: 1598340969597109
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3440
x-goog-hash: crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-storage-class: STANDARD
Age: 2041
Cache-Control: max-age=31104000 public
X-Cache: HIT
Content-Encoding: gzip
Via: 1.1 google

GET
H/1.1 200
OK mmt.gif
imps.monu.delivery/ 37 B
730 B 42ms
22ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imps.monu.delivery/mmt.gif?s=d92013a9-500e-40c1-bfdb-e8319fa5a732&a=p.l&u=7517a629-baa3-4516-93c8-2f929a29d754
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: HTTP/1.1
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 15:52:34 GMT
Age: 1356
X-GUploader-UploadID: ABg5-UxLTQayLwMVlj9pSc3waCq6GrPLEggjtrOgKHrgzJt-_KUwldTkMIhVbNyEqseflBHjXbXgjvrciM6Amz703YZvdhGKdg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 37
Last-Modified: Wed, 12 Jul 2017 09:13:19 GMT
Server: UploadServer
ETag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 37
Accept-Ranges: bytes
Content-Type: image/gif
Expires: Sun, 27 Jun 2021 16:52:34 GMT

GET
H3-29 200 pubads_impl_2021062404.js Show response
securepubads.g.doubleclick.net/gpt/ 324 KB
112 KB 62ms
31ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062404.js?31061706

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

e2cfc5ee4e55ef850a3d79d800f56deb7ceb2cb11d8f6733450d34da4fd4e63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 17:08:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114952
x-xss-protection: 0
expires: Sun, 27 Jun 2021 16:15:10 GMT

GET
H2 200 b70246e57038014a52981beb9446a492.jpg
i.pinimg.com/60x60_RS/b7/02/46/ 1 KB
2 KB 133ms
113ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/60x60_RS/b7/02/46/b70246e57038014a52981beb9446a492.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e62a33aa8ce3b6670e2e0dac0f116ca4732b389be4d7033ffbb499b481554683

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "0b92c9a9e5d25c46fd14beadd53e4373"
x-cdn: cloudflare
edge-start: 1624810510474
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa69684ed3-FRA
content-length: 1509
cf-request-id: 0aefd9f08400004ed3a01df000000001
server: cloudflare
origin-latency: 85

GET
H2 200 39552a6d16a905c0e5888d11c6f289e9.jpg
i.pinimg.com/237x/39/55/2a/ 24 KB
24 KB 117ms
111ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/39/55/2a/39552a6d16a905c0e5888d11c6f289e9.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9efd00b2b6d9b02c9ce8001160f677d1b5a3ff8e4fa1c036d8a8b56c0631c524

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "70b0601ec29990d8f4938b089b3de291"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510483
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa798c4ed3-FRA
content-length: 24239
cf-request-id: 0aefd9f08c00004ed35b9bc000000001
server: cloudflare
origin-latency: 81

GET
H2 200 3928c015b606fb7aa999ce65f246b6a1.jpg
i.pinimg.com/237x/39/28/c0/ 30 KB
30 KB 122ms
116ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/39/28/c0/3928c015b606fb7aa999ce65f246b6a1.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a9d34abb053178da74db9c72fabb1b3ec08fea99e924676e0b5483e5dd2c21

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "2b0d02a1e71e02496fdad272f9c23e4a"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510486
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79904ed3-FRA
content-length: 30704
cf-request-id: 0aefd9f08c00004ed3e195a000000001
server: cloudflare
origin-latency: 80

GET
H2 200 01059ffce03f0b034628f1800d59b109.jpg
i.pinimg.com/237x/01/05/9f/ 19 KB
20 KB 123ms
117ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/01/05/9f/01059ffce03f0b034628f1800d59b109.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15b2d7962966deebbe498dc388596b7134f252d0ea4ead6418d626b92d9b14e9

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "bddfcbe891ab3624fbec5a83ce0e5004"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510480
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79914ed3-FRA
content-length: 19954
cf-request-id: 0aefd9f08d00004ed35aacb000000001
server: cloudflare
origin-latency: 86

GET
H2 200 b2643761e0bdcdcf8f878f8117056870.jpg
i.pinimg.com/237x/b2/64/37/ 21 KB
21 KB 117ms
111ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/b2/64/37/b2643761e0bdcdcf8f878f8117056870.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4893abac314a73d945f7a107e248483fe228399d3e59a1a16d283262da25aec0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "7ecab08f94fad6ef9eeda118e5ebb507"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510482
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79924ed3-FRA
content-length: 21259
cf-request-id: 0aefd9f08d00004ed38f992000000001
server: cloudflare
origin-latency: 83

GET
H2 200 fb63c624abc0d3612188660ad49be378.jpg
i.pinimg.com/237x/fb/63/c6/ 18 KB
18 KB 123ms
117ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/fb/63/c6/fb63c624abc0d3612188660ad49be378.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af79dd310d71adf5f0029246a128d05ef367c49a6d3e27f87d27920e18ec3605

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "27575b93ac5df5dc63f5685250fb3027"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510484
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79944ed3-FRA
content-length: 18597
cf-request-id: 0aefd9f08d00004ed3b73db000000001
server: cloudflare
origin-latency: 81

GET
H2 200 f42c74aab6a51d30e4963499db51eb0d.jpg
i.pinimg.com/237x/f4/2c/74/ 10 KB
10 KB 135ms
129ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/f4/2c/74/f42c74aab6a51d30e4963499db51eb0d.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6afc129e9a01d2e26245157dd83c234c868d38f9a9920936264db79c3c87645b

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "0b4b9d31091429da77f813f0a0f4a1da"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510516
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79954ed3-FRA
content-length: 10388
cf-request-id: 0aefd9f08d00004ed38d25e000000001
server: cloudflare
origin-latency: 61

GET
H2 200 bf34dad67cb5396bdd23607cd3abb491.jpg
i.pinimg.com/237x/bf/34/da/ 30 KB
30 KB 115ms
109ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/bf/34/da/bf34dad67cb5396bdd23607cd3abb491.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0192ca2b242aa948c52d4d21d0ba72fb05f69060d3fde28f8371f6a114f114a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "c2517a1ed6f1cad82f8df242cdb26b44"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510481
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79964ed3-FRA
content-length: 30320
cf-request-id: 0aefd9f08d00004ed3ab8f1000000001
server: cloudflare
origin-latency: 81

GET
H2 200 20930152bd10cc5215c2c84f4e35dd3f.jpg
i.pinimg.com/237x/20/93/01/ 36 KB
36 KB 122ms
116ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/20/93/01/20930152bd10cc5215c2c84f4e35dd3f.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3c54ff47290bfa569249f470660410315a7fa8282a0ac501bda19bba3068098

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "a1bd6967bb4ce8b419047ce6a34e2af0"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510504
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79974ed3-FRA
content-length: 36604
cf-request-id: 0aefd9f08d00004ed38a3cd000000001
server: cloudflare
origin-latency: 63

GET
H2 200 066418b87b6f71196f067a1ac6360e2e.jpg
i.pinimg.com/237x/06/64/18/ 23 KB
23 KB 118ms
112ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/06/64/18/066418b87b6f71196f067a1ac6360e2e.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 046c9c9dd226e31d63fcd322f7caf9f9de63b898c4f29c6df36dd24c9f9fe35c

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "b9eae390b8d407a5b0470140c4f622af"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510484
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa799b4ed3-FRA
content-length: 23874
cf-request-id: 0aefd9f08e00004ed3b223d000000001
server: cloudflare
origin-latency: 82

GET
H2 200 c26aff1d70c8e66a2c6974f6c4abc331.jpg
i.pinimg.com/237x/c2/6a/ff/ 28 KB
28 KB 128ms
122ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/c2/6a/ff/c26aff1d70c8e66a2c6974f6c4abc331.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e1f1ef7172400a022ce88960359048cd55a49ec3774f52d4a1f4bcb59cddb20

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "c59f6ac72816a3f25cb8be0925538fb9"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510486
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa799c4ed3-FRA
content-length: 28898
cf-request-id: 0aefd9f08e00004ed35ebdb000000001
server: cloudflare
origin-latency: 67

GET
H2 200 2b197c7da3f46af1e574f3de343b52e3.jpg
i.pinimg.com/237x/2b/19/7c/ 20 KB
20 KB 123ms
117ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/2b/19/7c/2b197c7da3f46af1e574f3de343b52e3.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561747fbaee4ab8fc34641af932e2697eabd08ba310039414f10162ea58edee8

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "fedec335c708e5517e2166ffea1ee153"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510505
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa799d4ed3-FRA
content-length: 20614
cf-request-id: 0aefd9f08e00004ed39dbff000000001
server: cloudflare
origin-latency: 63

GET
H2 200 34d5ce20cdc8c8a28e1f36861cb0cf54.jpg
i.pinimg.com/237x/34/d5/ce/ 14 KB
14 KB 50ms
44ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/34/d5/ce/34d5ce20cdc8c8a28e1f36861cb0cf54.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00b6494ed1f20fd79d438233767307905c04d6da43a9dfa72623b3dff435931

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "bce69c0646dafd47ecb7ec94479a86e9"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510484
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79a14ed3-FRA
content-length: 14308
cf-request-id: 0aefd9f08e00004ed3ba2f8000000001
server: cloudflare
origin-latency: 22

GET
H2 200 3bb1f5bd3fde25e15a4e61a3f3b2956e.jpg
i.pinimg.com/237x/3b/b1/f5/ 32 KB
32 KB 127ms
121ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/3b/b1/f5/3bb1f5bd3fde25e15a4e61a3f3b2956e.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5f4f0627b7e14e9557378d8c87d2628e2f4ed6234b95ee45f01ecfc53ad476d

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "ff77e52bd7c34a03e981733662b38070"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510514
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79a34ed3-FRA
content-length: 32326
cf-request-id: 0aefd9f08e00004ed387b99000000001
server: cloudflare
origin-latency: 54

GET
H2 200 e644cc924c1d7227f7493e92411b8544.jpg
i.pinimg.com/237x/e6/44/cc/ 25 KB
25 KB 127ms
122ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/e6/44/cc/e644cc924c1d7227f7493e92411b8544.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8b3dc7792f065b336d3b71011510c4d4f5a385402f10436f821cdb6d8be2b7

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "84e225ab0313fa04a412c63a8c1a0477"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510506
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79a54ed3-FRA
content-length: 25774
cf-request-id: 0aefd9f08f00004ed3dc981000000001
server: cloudflare
origin-latency: 61

GET
H2 200 ad3b042fa7970a9498425e73a9ef570f.jpg
i.pinimg.com/237x/ad/3b/04/ 15 KB
15 KB 128ms
123ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/ad/3b/04/ad3b042fa7970a9498425e73a9ef570f.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa1f5c79753ed4168ff0e27fdd56b67639889dec21fce1b28b0e2e0e5653f6ba

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "cc56df15f1e8755187c608d3a2e21c7d"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510522
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79a64ed3-FRA
content-length: 15667
cf-request-id: 0aefd9f09100004ed3d7068000000001
server: cloudflare
origin-latency: 50

GET
H2 200 bd715d06a8bac4269918c54a5c5225da.jpg
i.pinimg.com/237x/bd/71/5d/ 7 KB
7 KB 129ms
124ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/bd/71/5d/bd715d06a8bac4269918c54a5c5225da.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 129226b7f1f0a431034a959856825b66fb2cd310f83557de4b7fb17e53873423

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "614a4687171405615f61adc2bb045c68"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510530
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79a94ed3-FRA
content-length: 7507
cf-request-id: 0aefd9f08f00004ed3bf0b7000000001
server: cloudflare
origin-latency: 44

GET
H2 200 a04af54ec0d6537cd98f20f634c5653d.jpg
i.pinimg.com/237x/a0/4a/f5/ 17 KB
17 KB 123ms
117ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/a0/4a/f5/a04af54ec0d6537cd98f20f634c5653d.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b273893bf2b88f5a3144322a462363124a5608979cec217e87423e5964596aef

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "71531f4588ab9378646c62183c0c9910"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510512
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79ab4ed3-FRA
content-length: 17194
cf-request-id: 0aefd9f09000004ed3e4072000000001
server: cloudflare
origin-latency: 56

GET
H2 200 7011fa42aa32ca5806d5b7870da6fc5b.jpg
i.pinimg.com/237x/70/11/fa/ 19 KB
19 KB 127ms
121ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/70/11/fa/7011fa42aa32ca5806d5b7870da6fc5b.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8776b5cb758f0a7841d6ed7e77a71167796aeae3658b91c79c0288b6a942e648

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "dabff95fc08d56fb556c1dd180ec8509"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510509
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79ad4ed3-FRA
content-length: 19232
cf-request-id: 0aefd9f08f00004ed39923f000000001
server: cloudflare
origin-latency: 59

GET
H2 200 8756dd1bda594ad0194c717bb51d36dd.jpg
i.pinimg.com/237x/87/56/dd/ 20 KB
20 KB 129ms
123ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/87/56/dd/8756dd1bda594ad0194c717bb51d36dd.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00373c9334f35c416fe7503a06319c15f5663991a8a7c511c9c7d98bf6e0232

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "3344c7556ec649e83384eeda8fe8bf79"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510519
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79b14ed3-FRA
content-length: 20735
cf-request-id: 0aefd9f09000004ed3b9aea000000001
server: cloudflare
origin-latency: 51

GET
H2 200 6353e7e612a52d73e1bf7db427331e95.jpg
i.pinimg.com/237x/63/53/e7/ 18 KB
18 KB 129ms
123ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/63/53/e7/6353e7e612a52d73e1bf7db427331e95.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a7261e493f6af3897e2f445a82ac859105c1d257fd0f7f22fbc3a2a947c9cc

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "544f844a8fa40949023ffa40a9918644"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510524
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79b24ed3-FRA
content-length: 18223
cf-request-id: 0aefd9f09100004ed3c2186000000001
server: cloudflare
origin-latency: 49

GET
H2 200 a527ac4737af570dbd5bd63783fc53cb.jpg
i.pinimg.com/237x/a5/27/ac/ 21 KB
21 KB 128ms
123ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/a5/27/ac/a527ac4737af570dbd5bd63783fc53cb.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bebdbec3b2a68a5d7f63ab9e69f3870b12f662d0c01e1835038e77c6e98f56b

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "90ef7bd816687863bfa4a2ca165af345"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510513
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79b34ed3-FRA
content-length: 21168
cf-request-id: 0aefd9f09000004ed35aacc000000001
server: cloudflare
origin-latency: 59

GET
H2 200 5d863cb9ce0621800a6ae5e66378cc7e.jpg
i.pinimg.com/237x/5d/86/3c/ 27 KB
27 KB 128ms
122ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/5d/86/3c/5d863cb9ce0621800a6ae5e66378cc7e.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c5e12ed8627ce3f4433ac7400d337e3504863363544e47fc6915a90c342bf99

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "695b3b36146290174cad3fbee954b7b3"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510507
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
x-amz-replication-status: COMPLETED
accept-ranges: bytes
cf-ray: 665ff8fa79b44ed3-FRA
content-length: 27435
cf-request-id: 0aefd9f09000004ed3e195b000000001
server: cloudflare
origin-latency: 63

GET
H2 200 856f543145d298b92050bc4c89dd5434.jpg
i.pinimg.com/237x/85/6f/54/ 15 KB
15 KB 129ms
124ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/85/6f/54/856f543145d298b92050bc4c89dd5434.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29954a61fb85c954bc5b6128adb4ad258d27b18b43632f4a243a8ac97da0d86

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "89b1157d328c2ffd93f9cbf8c18c3eb3"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510517
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79b54ed3-FRA
content-length: 15691
cf-request-id: 0aefd9f09000004ed392018000000001
server: cloudflare
origin-latency: 57

GET
H2 200 7121ac491d46a54da80b7bed1d888d07.jpg
i.pinimg.com/237x/71/21/ac/ 25 KB
25 KB 127ms
122ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/71/21/ac/7121ac491d46a54da80b7bed1d888d07.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbd1a970b98c920e5be1e77d2e3421f0382d398009e88ca7f5fd9e2f52c12541

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "7ab2ed9bb9189f28db37993fa3d44f65"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510508
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79b64ed3-FRA
content-length: 25813
cf-request-id: 0aefd9f09000004ed3b73dc000000001
server: cloudflare
origin-latency: 61

GET
H2 200 cd266c4b2eeb08cab7550367f8808047.jpg
i.pinimg.com/237x/cd/26/6c/ 29 KB
29 KB 128ms
122ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/cd/26/6c/cd266c4b2eeb08cab7550367f8808047.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6719049b4abb3e0fde4b147f5165c6cee4765594f2933d21c56e0069a008cc5

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "39c54a9582c78d211b0246e3b17a5efa"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510519
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79b74ed3-FRA
content-length: 29868
cf-request-id: 0aefd9f09000004ed3949b8000000001
server: cloudflare
origin-latency: 52

GET
H2 200 1520c025f6b1e7e4ee723c24ad2591a8.jpg
i.pinimg.com/237x/15/20/c0/ 24 KB
25 KB 129ms
123ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/15/20/c0/1520c025f6b1e7e4ee723c24ad2591a8.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd2d4a8fdd3cd7854869ed88200088dbade95d2b3aaeeb5d5d1391232dfd86e

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "596c1d9acf7f69a9bb184fcf7c209007"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510520
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79ba4ed3-FRA
content-length: 24986
cf-request-id: 0aefd9f09100004ed38f993000000001
server: cloudflare
origin-latency: 51

GET
H2 200 00bb00234b7f2b8d5c914ececf3d8f06.jpg
i.pinimg.com/237x/00/bb/00/ 28 KB
29 KB 126ms
121ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/00/bb/00/00bb00234b7f2b8d5c914ececf3d8f06.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65811929ff85715160ca21d13ddbebac0d3e4a1bf9ede506845b9d7181327377

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "59a48df848266cca1226eb64363160c0"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510511
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79bb4ed3-FRA
content-length: 29137
cf-request-id: 0aefd9f09100004ed3b223e000000001
server: cloudflare
origin-latency: 59

GET
H2 200 e59a58a4d704530e3a113f53c2277495.jpg
i.pinimg.com/237x/e5/9a/58/ 13 KB
14 KB 131ms
125ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/e5/9a/58/e59a58a4d704530e3a113f53c2277495.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 054f5df8abdc34b2db30d11e8ea01eb6fd8ab0e350082494581a21a820053ff8

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "4b0214175e0f2112110007affbfaa259"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510526
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79bd4ed3-FRA
content-length: 13787
cf-request-id: 0aefd9f09100004ed3af065000000001
server: cloudflare
origin-latency: 50

GET
H2 200 6d06fb7af8ae9733763f53442be63433.jpg
i.pinimg.com/237x/6d/06/fb/ 37 KB
37 KB 137ms
132ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/6d/06/fb/6d06fb7af8ae9733763f53442be63433.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3766d93ee6f48931ccd1ebd736c77e4c1179925d456c9df26f13639e660ec4d2

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "c6f05b9928b50ef8631710100f38ca32"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510525
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79bf4ed3-FRA
content-length: 38173
cf-request-id: 0aefd9f09100004ed35b9bd000000001
server: cloudflare
origin-latency: 51

GET
H2 200 c99617fa7898a8fd14880ca839d8240c.jpg
i.pinimg.com/237x/c9/96/17/ 19 KB
19 KB 137ms
132ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/c9/96/17/c99617fa7898a8fd14880ca839d8240c.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8daa9185ee21208eec36103b532a995a7eb635e1b696cf384fb0392f0d40f6

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "1b9f4b40879572e72f35b3ac52fe0f42"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510540
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79c04ed3-FRA
content-length: 19610
cf-request-id: 0aefd9f09500004ed35ebdd000000001
server: cloudflare
origin-latency: 39

GET
H2 200 8ef150c934ab397a9692f9851ce01df1.jpg
i.pinimg.com/237x/8e/f1/50/ 32 KB
32 KB 129ms
124ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/8e/f1/50/8ef150c934ab397a9692f9851ce01df1.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4c930cf3b113474406d0e7401596df6b8aab4c0d805def0f0c23ad9cc758af6

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "f7c259e222501273878352bd5f669527"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510527
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79c14ed3-FRA
content-length: 32796
cf-request-id: 0aefd9f09200004ed3a612f000000001
server: cloudflare
origin-latency: 47

GET
H2 200 b7edcd266a2a377f582fbcb11b254d87.jpg
i.pinimg.com/237x/b7/ed/cd/ 32 KB
32 KB 137ms
132ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/b7/ed/cd/b7edcd266a2a377f582fbcb11b254d87.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 986a033d12c7403fa18201513e4396dba72e54e80e2f838b4222f2a8710ab6dd

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "67552ea74a3f233dbf985c19dc2d2e5f"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510537
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79c44ed3-FRA
content-length: 32304
cf-request-id: 0aefd9f09200004ed3ea9a6000000001
server: cloudflare
origin-latency: 41

GET
H2 200 1647ecc1a64b8d0f91598635bf12c03a.jpg
i.pinimg.com/237x/16/47/ec/ 45 KB
45 KB 145ms
140ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/16/47/ec/1647ecc1a64b8d0f91598635bf12c03a.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7485e293d4aa2733983180b494810000dc3b99dd87e1b695f09af5503c85428

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "4da76dfbd49e67f64f4b53af8c62c24d"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510536
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79c54ed3-FRA
content-length: 45823
cf-request-id: 0aefd9f09200004ed38522e000000001
server: cloudflare
origin-latency: 56

GET
H2 200 ecfb364a247b71fcb0f8d6e367e79d0f.jpg
i.pinimg.com/237x/ec/fb/36/ 28 KB
29 KB 131ms
126ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/ec/fb/36/ecfb364a247b71fcb0f8d6e367e79d0f.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ccce6782372362d3dcbcec3883b063b9977e7eb36656fca90c4ffda621d7216

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "c3c9f22b46109e80390415101bc681e0"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510534
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79cc4ed3-FRA
content-length: 29067
cf-request-id: 0aefd9f09200004ed36b96b000000001
server: cloudflare
origin-latency: 41

GET
H2 200 f479c8f9d198710b5cf35186b20284f5.jpg
i.pinimg.com/237x/f4/79/c8/ 12 KB
12 KB 145ms
140ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/f4/79/c8/f479c8f9d198710b5cf35186b20284f5.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d6b8af7425984c2b2e0fed1769c446ad58d41de60746619aa04c1d78713ba13

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "81e9b3181215de70202b3a7f8f87ff73"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510531
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79cd4ed3-FRA
content-length: 12505
cf-request-id: 0aefd9f09200004ed3b4396000000001
server: cloudflare
origin-latency: 66

GET
H2 200 18937ff5b80f3c739e8c32a199e33da7.jpg
i.pinimg.com/237x/18/93/7f/ 15 KB
15 KB 134ms
129ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/18/93/7f/18937ff5b80f3c739e8c32a199e33da7.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a8da951e5fb1bab994537110bb58a21ef5bc369f948c841d7d5b4f0cf22003

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "e2ca1c3eb18694bf280df8ffa4760c11"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510533
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79cf4ed3-FRA
content-length: 15137
cf-request-id: 0aefd9f09300004ed3c4810000000001
server: cloudflare
origin-latency: 44

GET
H2 200 5acb3bdb4ea97ee8adc34ff66487bdc0.jpg
i.pinimg.com/237x/5a/cb/3b/ 21 KB
21 KB 137ms
132ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/5a/cb/3b/5acb3bdb4ea97ee8adc34ff66487bdc0.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d894250fc001c899f2f8da3112454d9198b2fd5c3d4460054bf1f5a7db2f309

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "11a964914765826510d98295376d29ea"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510538
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79d04ed3-FRA
content-length: 21327
cf-request-id: 0aefd9f09300004ed3da37a000000001
server: cloudflare
origin-latency: 39

GET
H2 200 1b645ad26391902ff4db2a38c48789fc.jpg
i.pinimg.com/237x/1b/64/5a/ 17 KB
17 KB 137ms
132ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/1b/64/5a/1b645ad26391902ff4db2a38c48789fc.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 859cfce2963648b03c58c353f1b2d5246c7b619758f9c8c07d5cfd89c0576972

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "3c24bd05dfe113f60e0e74277e2efc02"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510542
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79d34ed3-FRA
content-length: 17175
cf-request-id: 0aefd9f09700004ed38d260000000001
server: cloudflare
origin-latency: 35

GET
H2 200 296277c4bcf7700e48d160339832ad42.jpg
i.pinimg.com/237x/29/62/77/ 13 KB
14 KB 134ms
129ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/29/62/77/296277c4bcf7700e48d160339832ad42.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eacf80a59970025a895879880b174f7ecca299b6de4ff8cc23d1a9a415e483f5

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "31f6a174830c5bd8e8db54db1a23a349"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510539
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79dd4ed3-FRA
content-length: 13720
cf-request-id: 0aefd9f09600004ed399241000000001
server: cloudflare
origin-latency: 38

GET
H2 200 c12f76c453df7aa5f892763126beb08f.jpg
i.pinimg.com/237x/c1/2f/76/ 29 KB
29 KB 140ms
135ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/c1/2f/76/c12f76c453df7aa5f892763126beb08f.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef0ad40fa45b9dc51f10ab7194105007b2f5cd260e7990ceaf27e51583ade9bd

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "10a158bd7df3eedb483761b425af55cb"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510541
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79df4ed3-FRA
content-length: 29691
cf-request-id: 0aefd9f09600004ed3d4af3000000001
server: cloudflare
origin-latency: 39

GET
H2 200 5294e7507e400ee60bfa76bae01b6c0d.jpg
i.pinimg.com/237x/52/94/e7/ 21 KB
22 KB 140ms
135ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/52/94/e7/5294e7507e400ee60bfa76bae01b6c0d.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d6bd710b8a8747bbb6a1a20d4a7a15762b4bb639c75901c719d17e827f6f02b

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "90015a084840794345f3f40c18a552e1"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510543
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79e14ed3-FRA
content-length: 21964
cf-request-id: 0aefd9f09600004ed38f994000000001
server: cloudflare
origin-latency: 36

GET
H2 200 021907626e465260314baef122bdb787.jpg
i.pinimg.com/237x/02/19/07/ 24 KB
24 KB 144ms
139ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/02/19/07/021907626e465260314baef122bdb787.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1581a98c7cf9bf2b0299819f56357fbfa08a13626f000f204aea0e14cbca5b41

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "400bfa28380bbd58926372da405daea6"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510554
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79e24ed3-FRA
content-length: 24826
cf-request-id: 0aefd9f09a00004ed3b9aed000000001
server: cloudflare
origin-latency: 39

GET
H2 200 10d8ee93c2b315eca6f75036c3bc4d95.jpg
i.pinimg.com/237x/10/d8/ee/ 7 KB
7 KB 140ms
135ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/10/d8/ee/10d8ee93c2b315eca6f75036c3bc4d95.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afa07ffd0316f93d7980df193475bb8348d83c74faaabdd445dddc288518f48d

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "ed7eb598883eab0a3cb3798bd277835e"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510544
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79e54ed3-FRA
content-length: 7396
cf-request-id: 0aefd9f09700004ed3e195d000000001
server: cloudflare
origin-latency: 36

GET
H2 200 e6684a8f9a85768f5734b1f2663b81b3.jpg
i.pinimg.com/237x/e6/68/4a/ 20 KB
20 KB 145ms
140ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/e6/68/4a/e6684a8f9a85768f5734b1f2663b81b3.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dcba7b2b2f675c472efc594b7be7cb28fa05157895d601882df91de4b6b8c9f

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "34ad3afd3627688418a5894d867d08ac"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510545
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79e64ed3-FRA
content-length: 20618
cf-request-id: 0aefd9f09700004ed35b9be000000001
server: cloudflare
origin-latency: 50

GET
H2 200 3d097af73b4769b359b8ed1087f757af.jpg
i.pinimg.com/237x/3d/09/7a/ 8 KB
8 KB 143ms
138ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/3d/09/7a/3d097af73b4769b359b8ed1087f757af.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4776c46535052e39fc27cb2a91b9c759afc4541486e4ef8540287e308f3647ff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "846ba2fce3c4887449ebd7f4e21545e7"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510547
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79e84ed3-FRA
content-length: 8143
cf-request-id: 0aefd9f09800004ed3949ba000000001
server: cloudflare
origin-latency: 41

GET
H2 200 ab91ff1fcddc5b8deecd741531d9ed59.jpg
i.pinimg.com/237x/ab/91/ff/ 16 KB
16 KB 145ms
140ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/ab/91/ff/ab91ff1fcddc5b8deecd741531d9ed59.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b810b507cefa9ebf6eec323ec72e7d4e27800b6d46bab0c4df0d42a1b6cf938

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "b83b0e9a83ff1fa773bfca9711fd26eb"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510549
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa79e94ed3-FRA
content-length: 16060
cf-request-id: 0aefd9f09800004ed3c4811000000001
server: cloudflare
origin-latency: 45

GET
H2 200 95afa7220b58207ba474b57e7bc322e9.jpg
i.pinimg.com/237x/95/af/a7/ 30 KB
31 KB 48ms
44ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/95/af/a7/95afa7220b58207ba474b57e7bc322e9.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27ace02c9feb618341f3af57cde6c101efc0c7274adaaec3f87d17f6d062252e

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "f7370480e4570a78b91f76df8b363476"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510497
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa89eb4ed3-FRA
content-length: 31056
cf-request-id: 0aefd9f09800004ed35a393000000001
server: cloudflare
origin-latency: 6

GET
H2 200 c5306bc78426fed6c6b6171e3b2124df.jpg
i.pinimg.com/237x/c5/30/6b/ 48 KB
48 KB 143ms
139ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/c5/30/6b/c5306bc78426fed6c6b6171e3b2124df.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0af4ed368c1e4e168b14916ed2c851b5e30393d0aae6927cd4022cbe9d46f2d

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "1c5c78cfe4c5558ae7073a10a4e1116d"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510554
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa89ec4ed3-FRA
content-length: 48729
cf-request-id: 0aefd9f09800004ed38522f000000001
server: cloudflare
origin-latency: 37

GET
H2 200 956e4271f1f1765c951bddbc19113b13.jpg
i.pinimg.com/237x/95/6e/42/ 9 KB
9 KB 140ms
136ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/95/6e/42/956e4271f1f1765c951bddbc19113b13.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d25b73ed4010f9278e6b31c3d686b01745e63a806cbebb183c1b41a83ea63b9

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "1adc16c7446e1f0d0f1a77d70a70df75"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1624810510548
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa89ed4ed3-FRA
content-length: 8811
cf-request-id: 0aefd9f09800004ed3c2187000000001
server: cloudflare
origin-latency: 42

GET
H2 200 556ef1a6c5bd3ca436000c4f43c88af8.jpg
i.pinimg.com/237x/55/6e/f1/ 16 KB
16 KB 143ms
138ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/237x/55/6e/f1/556ef1a6c5bd3ca436000c4f43c88af8.jpg
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66c53c50b033ac5fd2a9ee8ba13bc3d9df5af078bd440a05a4b0973648a7a224

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
etag: "4b307c0341119a757ae72b82b0a578f9"
x-cdn: cloudflare
edge-start: 1624810510552
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 665ff8fa89ee4ed3-FRA
content-length: 15996
cf-request-id: 0aefd9f09800004ed3b4397000000001
server: cloudflare
origin-latency: 42

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa79b39de9e8642d83b281055cb5c154d6f6bac1308c216887dbb306ac3cabb8

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
geo.privacymanager.io/ 31 B
594 B 279ms
239ms Fetch
application/json 65.9.77.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: http://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c5846a520d69c8f9800059b170da9718a5c2557b6f517b608ce7ff455940f9da

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 02:29:08 GMT
via: 1.1 34495c55f60f27eca144ba9ae780fd5c.cloudfront.net (CloudFront), 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
age: 49562
x-amzn-requestid: dccb0728-746b-49e4-89fe-cced039fff87
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60d7e274-4010f1ae6a59e2134f6f6d33;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: LHR50-C1, AMS1-C1
x-amz-apigw-id: BkBSRE6gjoEFWWQ=
content-length: 31
x-amz-cf-id: 7ETyQoGoGdWWGmn5Mdo00Onp85dRZwcQjcGd3hIgcJ4i9Y93xnwcPQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET rid
match.adsrvr.org/track/ 0
0

GET identity
api.rlcdn.com/api/ 0
0

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
430 B 85ms
32ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=504384&u=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: http://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:10 GMT
X-AK-INITIAL-GEO: CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.124], XFF:[]
Server: Apache
Access-Control-Allow-Origin: http://babesinhairland.com
X-CS-CLIENT-GEO: 28
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 28
Expires: Sun, 27 Jun 2021 16:15:10 GMT

GET
H2 200 /
log.pinterest.com/ 0
333 B 199ms
127ms Image
text/plain 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=3pd4sgxYjNE5&tv=2021040501&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=1&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&viaSrc=canonical
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-cache-hits: 0
content-length: 0
x-served-by: cache-mrs10581-MRS
pragma: no-cache
server: envoy
x-timer: S1624810511.766052,VS0,VE93
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 1166784476087887
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

74611878_494760484453465_4282114128014529382_nlow.jpg
babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/
Redirect Chain

http://babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/74611878_494760484453465_4282114128014529382_nlow.jpg
https://babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/74611878_494760484453465_4282114128014529382_nlow.jpg

28 KB
28 KB

18ms
18ms

Image
image/jpeg

192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/74611878_494760484453465_4282114128014529382_nlow.jpg

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

06d5a416d6b7be6b75d935d8a06f05d628032d4ab45547c65cdc5f82e847d302

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:10 GMT
x-content-type-options: nosniff
x-sucuri-cache: HIT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 28458
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Tue, 18 Feb 2020 04:11:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 19026
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:10 GMT
X-Content-Type-Options: nosniff
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Location: https://babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/74611878_494760484453465_4282114128014529382_nlow.jpg
X-Sucuri-Cache: HIT
Cache-Control: max-age=315360000
X-Sucuri-ID: 19026
Connection: keep-alive
Content-Length: 333
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/ Frame 33AD
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr

1 KB
2 KB

78ms
78ms

Document
text/html

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13511/cc_af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2962a2f39903ffe4057dca6ccbcfbeed45b9955c37a184255ee2be1eb53f75af

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
content-type: text/html;charset=utf-8
content-length: 1203
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.16.169
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Thu, 24-Mar-2022 16:03:00 GMT;SameSite=None;Secure _cc_id=e3e558fef8f80c45d31051cb2e61b102;Path=/;Domain=crwdcntrl.net;Expires=Thu, 24-Mar-2022 16:03:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSDVONTW1SEtNs0izMEg2MU0xNjQwNUxOMko1M0wyNDBiAIKEG0v4GeCAe9HbRlnG45kM%2FxkZGd4tmcMCY587eogZxt6977IAjL1rw1NuGPvSqUdsMPbhxQi9h75YwpgfT5zSgLH%2FbpwCV3LmpDqMCQCi8juI";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Thu, 24-Mar-2022 16:03:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGBIuLGEnwEGmBkYuGaAGOyCGRAqCUgCAFRRA4s%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Thu, 24-Mar-2022 16:03:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Sun, 27 Jun 2021 16:15:11 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.21.204
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
server: Jetty(9.4.38.v20210224)

GET

symbol-defs.svg
babesinhairland.com/wp-content/plugins/simple-social-icons/
Redirect Chain

http://babesinhairland.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
https://babesinhairland.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

0
0

GET
H2

200

tpid=4266901740972347906
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 33AD
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/e3e558fef8f80c45d31051cb2e61b102/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4266901740972347906

49 B
265 B

39ms
38ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4266901740972347906
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.247
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4266901740972347906
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:10 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

tpid=63372857739706555413232315337093838843
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 33AD
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e3e558fef8f80c45d31051cb2e61b102&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=e3e558fef8f80c45d31051cb2e61b102&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=63372857739706555413232315337093838843

49 B
265 B

38ms
38ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=63372857739706555413232315337093838843
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.16.192
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-irl1-1-v010-0e13354d5.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: RRsqBLjRQc8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=63372857739706555413232315337093838843
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 33AD
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=3db360d8-a40e-4d00-847b-3c8d7ca5a0d8

49 B
265 B

36ms
36ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=3db360d8-a40e-4d00-847b-3c8d7ca5a0d8
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.30.210
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Sun, 27 Jun 2021 16:15:03 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=3db360d8-a40e-4d00-847b-3c8d7ca5a0d8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 27 Jun 2021 16:15:02 GMT

GET
H/1.0 200
OK image.sbxx
global.ib-ibi.com/ Frame 33AD 0
72 B 537ms
99ms Image
text/plain 69.169.86.38
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=e3e558fef8f80c45d31051cb2e61b102
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.86.38 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H2

200

tpid=YNikDwACN-VougA4&_test=YNikDwACN-VougA4
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 33AD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YNikDwACN-VougA4
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YNikDwACN-VougA4&_test=YNikDwACN-VougA4

49 B
265 B

37ms
37ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YNikDwACN-VougA4&_test=YNikDwACN-VougA4
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.242
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1624810511.446387,VS0,VE0
x-served-by: cache-fra19151-FRA
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YNikDwACN-VougA4&_test=YNikDwACN-VougA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 33AD
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1
https://id5-sync.com/c/19/19/9/1.gif?puid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOWo8LZfnJi51FSpdN3RLPEpiNZX-evjdug0EssA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/8/2.gif?puid=4266901740972347906&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=f4df576341470c036731eac8a120c1cf&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWo8LZfnJi51FSpdN3RLPEpi...
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZTNlNTU4ZmVmOGY4MGM0NWQzMTA1MWNiMmU2MWIxMDI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWo8LZfnJi51FSpdN3RLPEpiNZX-evjdug0EssA

170 B
523 B

101ms
32ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZTNlNTU4ZmVmOGY4MGM0NWQzMTA1MWNiMmU2MWIxMDI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWo8LZfnJi51FSpdN3RLPEpiNZX-evjdug0EssA

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=573709179/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZTNlNTU4ZmVmOGY4MGM0NWQzMTA1MWNiMmU2MWIxMDI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWo8LZfnJi51FSpdN3RLPEpiNZX-evjdug0EssA
cache-control: no-cache
x-server: 10.45.18.52
content-length: 0
expires: 0

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 50ms
21ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 93 B
760 B 105ms
64ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 1027fa0863da4fa34d3281ceb5bef5f6e6827a0ed4923b75a6fb648b5ef4daa0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:11 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 124ms
71ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_728x90&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 7322be1a646dc7926df55b582bde674155f48591788822f87906b4c20903c65a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:11 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
61 B 73ms
29ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
cf-ray: 665ff902c9704c9e-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0aefd9f5c100004c9e50155000000001

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
632 B 336ms
113ms XHR
application/json 18.211.29.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.29.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: c91f49e3df6b9709de93f81591758f2a2bf13bbc542fe283b4d30ce97c070df2

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 173 B
355 B 90ms
32ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=286ec8f1-0a0f-4561-8831-3eaa3d490a4a&nocache=1624810511759&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=728x90&divids=mmt-f6cee4b6-725c-4034-b6d3-d5c12b845ec7&aucs=&auid=539370378
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 3e3714acb99245a19cc356672f4ed934a595d4de49339a9e1cd10083026bd59a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 86ms
42ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 105ms
54ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f1639c853668f891e61b53b8585de074d841f934eb723f6ec3a3c05e75e92f76

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:11 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f6dcf4e1-e39e-4044-a673-71fca997ae1a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
567 B 505ms
172ms XHR
text/plain 52.72.175.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.175.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e5124e19529d1bab0b41651b7b3912e4b547a9a7345dc74b9c8d201b9903fa77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 95 B
737 B 96ms
33ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22194a1abdc5ad488%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDP.C%22%7D&ref=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&s=dd7a5ed4-acde-4a98-a3a2-dee132cfe9b2&pv=9e380750-8186-4500-8e45-011918686a40&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

4683d3f0458a208f4fef8bbccc7aa69b3a9108b1b37335fc2b268dc40bb30531

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:11 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
227 B 127ms
40ms XHR
text/plain 52.17.188.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-f6cee4b6-725c-4034-b6d3-d5c12b845ec7%22%2C%22callback_id%22%3A%22210679a9713bfb8%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&bust=1624810511765&pr=&scrd=1&dnt=false&description=Stop%20struggling%20with%20those%20curls.%20Find%20out%20how%20to%20care%20for%20your%20daughter%27s%20curly%20hair%20(or%20your%20curls)%20with%20tips%2C%20tricks%2C%20and%20advice%20from%20other%20curly%20girls!&title=How%20to%20Care%20for%20Your%20Daughter%27s%20Curly%20Hair%20-%20Tips%2C%20Tricks%20%26%20Advice&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
360 B 106ms
34ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95549&pi=3&bf=728x90&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
116 B 110ms
57ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:11 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 54ms
54ms XHR
text/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&pid=ZzFph6V2kKRzD&cb=0&ws=1600x1200&v=7.66.00&t=2100&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDP.C%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
via: 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: CaOhq7OSHSq2iFd-CKXvoJ2gWw1swG4AKhXXBUT4JwcUQSAo_OKnOw==

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 41ms
20ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 95 B
737 B 93ms
32ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22294c83b4e955b3b%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDP.A%22%7D&ref=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&s=bdb687c9-4c0a-4dce-9105-ea1bffc731f0&pv=9e380750-8186-4500-8e45-011918686a40&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

8adb963c45cdf18bbe764f74326f688ab14f877cd7341bcc268a449377705c2c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:11 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 71ms
42ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
567 B 466ms
131ms XHR
text/plain 52.72.175.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.175.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

d3aa2e8f993b8fad5640426559006a1bf9fd8bc168098cab0d7a3d72d4086d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 145ms
82ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_728x90&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 1ab745d6abd71e9cd8a1dd236d58f95025a0b89055281d10ce238fc0df2028fc

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:11 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 142 B
1 KB 136ms
85ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

260693715098c36fd5cf96688990d7fe5aab28a6160d4ba39100f4636b5bad0f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:11 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3aaac1bd-d1bc-41e3-aab3-a9316b250e6d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
760 B 112ms
72ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: d702945fb7bfbc9db41c4fec1d51089e521be82dce8261c54c9264b9b41c5c8c

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:11 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
115 B 136ms
95ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:11 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
630 B 312ms
113ms XHR
application/json 18.211.29.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.29.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: e6d45298b7301860d772fb2c1a7a7eb8460ce16e11cc306b549920b07a129366

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 93ms
36ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95549&pi=3&bf=728x90&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
61 B 44ms
26ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
cf-ray: 665ff902c9714c9e-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0aefd9f5c100004c9e69145000000001

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 173 B
561 B 65ms
31ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b04ddd05-5b7d-4c05-a7ba-5775c26d39dd&nocache=1624810511783&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=728x90&divids=mmt-9b984c03-b741-40b3-bdd4-3400df5d1f31&aucs=&auid=539370378
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 3610fbeb2f26d2bd4c960cc760fc557cd9252ca8414590d19d00a3b2ecb61ceb

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
226 B 110ms
40ms XHR
text/plain 52.17.188.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-9b984c03-b741-40b3-bdd4-3400df5d1f31%22%2C%22callback_id%22%3A%2251628f0a383d835%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&bust=1624810511783&pr=&scrd=1&dnt=false&description=Stop%20struggling%20with%20those%20curls.%20Find%20out%20how%20to%20care%20for%20your%20daughter%27s%20curly%20hair%20(or%20your%20curls)%20with%20tips%2C%20tricks%2C%20and%20advice%20from%20other%20curly%20girls!&title=How%20to%20Care%20for%20Your%20Daughter%27s%20Curly%20Hair%20-%20Tips%2C%20Tricks%20%26%20Advice&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 52ms
51ms XHR
text/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&pid=ZzFph6V2kKRzD&cb=1&ws=1600x1200&v=7.66.00&t=2100&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDP.A%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
via: 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: lJPIWe_BV_4MVbIr3gUrvodD2BKPG72Jr9hxJS3S3ZbGf3cTHyPCqg==

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 43ms
22ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
115 B 184ms
155ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:11 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
115 B 237ms
209ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:12 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
761 B 572ms
532ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 126b7022b7fb59498c46fdd588a819927b0208e6618436e367a9030f0b90da0c

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 54ms
41ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 173 B
373 B 54ms
31ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=838ef5ff-bd28-4139-8499-e6778a6a8d20&nocache=1624810511794&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=300x250%2C300x600%2C160x600&divids=mmt-59c0ac00-7764-4c60-b309-726d8ae832b7&aucs=&auid=539370378
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: af56d72208ae082fe8ac092b6d8b1f0c983ac57ee42f5f44727e5b648fdeec8b

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
content-encoding: gzip
server: OXGW/16.209.0
timing-allow-origin: *
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
567 B 587ms
136ms XHR
text/plain 52.72.175.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.175.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

894be11fa6c36fb727c3d2bd899816290f93821908a0bf5bf0602151c49bb2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
321 B 30ms
26ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
cf-ray: 665ff902c9724c9e-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0aefd9f5c100004c9ea9245000000001

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 277ms
151ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 019566f1f657fc60662596023865d8e7f4bd7cc7360dc561783ff7b548267397

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Server: ATS/7.1.2.128
Age: 1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 439ms
180ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x600&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 8bf0667de0b6776d48dbcdf37a25e7e7e0f5d33df7c3b41d519fdd7ee61e50f2

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 437ms
160ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_160x600&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 1922280958d3110eeb115e6c304136e43201f1dd1742e6551d64ce8baa876eb6

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 118ms
46ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

21953c34315412b082146f20bae424143a76cbdb220337b4517cb71287fbc863

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:11 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6741241c-fc71-4216-a777-cb42167db119
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 136 B
774 B 121ms
59ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2278dbd6941282e0c%22%3A%22177369c437c672237248%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDS.B%22%2C%227994cdddbc4a9c%22%3A%22dcc4cd9596e80d497120%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDS.B%22%2C%2280e8281050f04f5%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDS.B%22%7D&ref=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&s=a9c6e487-e676-4001-aa80-9b6acaf4c056&pv=9e380750-8186-4500-8e45-011918686a40&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

67dc9453b3e8a58b6d91193b4866a2294cc3932d7f3d54c5ae417fb35d4e9967

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:11 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 161
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 75ms
36ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95542&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 127ms
88ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95544&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 74ms
35ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95545&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
635 B 298ms
118ms XHR
application/json 18.211.29.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.29.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: 12ad2021b07668fb3e60575a72c7bc306fc76b186bfed84d2716e500fac02bab

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
226 B 92ms
40ms XHR
text/plain 52.17.188.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-59c0ac00-7764-4c60-b309-726d8ae832b7%22%2C%22callback_id%22%3A%22882fd7116095336%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&bust=1624810511800&pr=&scrd=1&dnt=false&description=Stop%20struggling%20with%20those%20curls.%20Find%20out%20how%20to%20care%20for%20your%20daughter%27s%20curly%20hair%20(or%20your%20curls)%20with%20tips%2C%20tricks%2C%20and%20advice%20from%20other%20curly%20girls!&title=How%20to%20Care%20for%20Your%20Daughter%27s%20Curly%20Hair%20-%20Tips%2C%20Tricks%20%26%20Advice&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:11 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 64ms
61ms XHR
text/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&pid=ZzFph6V2kKRzD&cb=2&ws=1600x1200&v=7.66.00&t=2100&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDS.B%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
via: 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: RP04URq05fLyWB21nkRsa5JiGOHJRMkLWiqxUcuhXNaSruRsJFpp2w==

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 41ms
21ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 58ms
58ms XHR
text/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&pid=ZzFph6V2kKRzD&cb=3&ws=1600x1200&v=7.66.00&t=2100&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDS.C%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
via: 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: PRz0tIzwLxhcegOYx3yrDx0VVUjQMAZcY5D9fCvXt0DgOuJCR0GCgw==

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 42ms
21ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 53ms
53ms XHR
text/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&pid=ZzFph6V2kKRzD&cb=4&ws=1600x1200&v=7.66.00&t=2100&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDT.E%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
via: 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 7eoWxyP_CipQt6l_xy3TdjNtjXJrfpbj-jYSNy7VyZlhXv8fbhrL7w==

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 42ms
22ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 51ms
50ms XHR
text/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&pid=ZzFph6V2kKRzD&cb=5&ws=1600x1200&v=7.66.00&t=2100&slots=%5B%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDA.B%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
via: 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: pHlwy7TOAbG8dcf0FmrTy4yPunavwyKN_VMru2yJS7AkjphILb8PPA==

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 41ms
21ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 57ms
53ms XHR
text/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&pid=ZzFph6V2kKRzD&cb=6&ws=1600x1200&v=7.66.00&t=2100&slots=%5B%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDR.A%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
via: 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: g-vaoD-0-IDlt33fuTAnF9HTJfQsfR4v_vBbMmzKCH5JMpzHmpV6SA==

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 43ms
21ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 44ms
21ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 60ms
22ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 64ms
21ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 73ms
26ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 81ms
27ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 206 B
540 B 88ms
25ms XHR
application/javascript 2a01:7e00:1::b24f:afb0
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Server: 2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:11 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 206
expires: Sun, 27 Jun 2021 17:15:11 GMT

GET
H/1.1 200
OK mmt.gif
imps.monu.delivery/ 37 B
730 B 227ms
225ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imps.monu.delivery/mmt.gif?s=d92013a9-500e-40c1-bfdb-e8319fa5a732&a=s.d&u=f6cee4b6-725c-4034-b6d3-d5c12b845ec7
Protocol: HTTP/1.1
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 15:52:34 GMT
Age: 1357
X-GUploader-UploadID: ABg5-UxLTQayLwMVlj9pSc3waCq6GrPLEggjtrOgKHrgzJt-_KUwldTkMIhVbNyEqseflBHjXbXgjvrciM6Amz703YZvdhGKdg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 37
Last-Modified: Wed, 12 Jul 2017 09:13:19 GMT
Server: UploadServer
ETag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 37
Accept-Ranges: bytes
Content-Type: image/gif
Expires: Sun, 27 Jun 2021 16:52:34 GMT

GET
H/1.1 200
OK mmt.gif
imps.monu.delivery/ 37 B
730 B 265ms
19ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imps.monu.delivery/mmt.gif?s=d92013a9-500e-40c1-bfdb-e8319fa5a732&a=s.d&u=9b984c03-b741-40b3-bdd4-3400df5d1f31
Protocol: HTTP/1.1
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 15:52:34 GMT
Age: 1358
X-GUploader-UploadID: ABg5-UxLTQayLwMVlj9pSc3waCq6GrPLEggjtrOgKHrgzJt-_KUwldTkMIhVbNyEqseflBHjXbXgjvrciM6Amz703YZvdhGKdg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 37
Last-Modified: Wed, 12 Jul 2017 09:13:19 GMT
Server: UploadServer
ETag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 37
Accept-Ranges: bytes
Content-Type: image/gif
Expires: Sun, 27 Jun 2021 16:52:34 GMT

GET
H/1.1 200
OK mmt.gif
imps.monu.delivery/ 37 B
730 B 283ms
18ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imps.monu.delivery/mmt.gif?s=d92013a9-500e-40c1-bfdb-e8319fa5a732&a=s.d&u=59c0ac00-7764-4c60-b309-726d8ae832b7
Protocol: HTTP/1.1
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 15:52:34 GMT
Age: 1358
X-GUploader-UploadID: ABg5-UxLTQayLwMVlj9pSc3waCq6GrPLEggjtrOgKHrgzJt-_KUwldTkMIhVbNyEqseflBHjXbXgjvrciM6Amz703YZvdhGKdg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 37
Last-Modified: Wed, 12 Jul 2017 09:13:19 GMT
Server: UploadServer
ETag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 37
Accept-Ranges: bytes
Content-Type: image/gif
Expires: Sun, 27 Jun 2021 16:52:34 GMT

GET
H/1.1 200
OK mmt.gif
imps.monu.delivery/ 37 B
730 B 302ms
18ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imps.monu.delivery/mmt.gif?s=d92013a9-500e-40c1-bfdb-e8319fa5a732&a=s.d&u=168c2501-db28-4f81-a42c-421822f063eb
Protocol: HTTP/1.1
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 15:52:34 GMT
Age: 1358
X-GUploader-UploadID: ABg5-UxLTQayLwMVlj9pSc3waCq6GrPLEggjtrOgKHrgzJt-_KUwldTkMIhVbNyEqseflBHjXbXgjvrciM6Amz703YZvdhGKdg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 37
Last-Modified: Wed, 12 Jul 2017 09:13:19 GMT
Server: UploadServer
ETag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 37
Accept-Ranges: bytes
Content-Type: image/gif
Expires: Sun, 27 Jun 2021 16:52:34 GMT

GET
H/1.1 200
OK mmt.gif
imps.monu.delivery/ 37 B
730 B 320ms
18ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imps.monu.delivery/mmt.gif?s=d92013a9-500e-40c1-bfdb-e8319fa5a732&a=s.d&u=80284279-b7da-4f76-b2aa-5bea9f07f95b
Protocol: HTTP/1.1
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 15:52:34 GMT
Age: 1358
X-GUploader-UploadID: ABg5-UxLTQayLwMVlj9pSc3waCq6GrPLEggjtrOgKHrgzJt-_KUwldTkMIhVbNyEqseflBHjXbXgjvrciM6Amz703YZvdhGKdg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 37
Last-Modified: Wed, 12 Jul 2017 09:13:19 GMT
Server: UploadServer
ETag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 37
Accept-Ranges: bytes
Content-Type: image/gif
Expires: Sun, 27 Jun 2021 16:52:34 GMT

GET
H/1.1 200
OK mmt.gif
imps.monu.delivery/ 37 B
730 B 341ms
20ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imps.monu.delivery/mmt.gif?s=d92013a9-500e-40c1-bfdb-e8319fa5a732&a=s.d&u=df98e700-2954-4a18-a169-750c006510ee
Protocol: HTTP/1.1
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 15:52:34 GMT
Age: 1358
X-GUploader-UploadID: ABg5-UxLTQayLwMVlj9pSc3waCq6GrPLEggjtrOgKHrgzJt-_KUwldTkMIhVbNyEqseflBHjXbXgjvrciM6Amz703YZvdhGKdg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 37
Last-Modified: Wed, 12 Jul 2017 09:13:19 GMT
Server: UploadServer
ETag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 37
Accept-Ranges: bytes
Content-Type: image/gif
Expires: Sun, 27 Jun 2021 16:52:34 GMT

GET
H/1.1 200
OK mmt.gif
imps.monu.delivery/ 37 B
730 B 237ms
18ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imps.monu.delivery/mmt.gif?s=d92013a9-500e-40c1-bfdb-e8319fa5a732&a=s.d&u=b6ca773d-eea7-4536-92fe-b03c0d8e826c
Protocol: HTTP/1.1
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 15:52:34 GMT
Age: 1358
X-GUploader-UploadID: ABg5-UxLTQayLwMVlj9pSc3waCq6GrPLEggjtrOgKHrgzJt-_KUwldTkMIhVbNyEqseflBHjXbXgjvrciM6Amz703YZvdhGKdg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 37
Last-Modified: Wed, 12 Jul 2017 09:13:19 GMT
Server: UploadServer
ETag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 37
Accept-Ranges: bytes
Content-Type: image/gif
Expires: Sun, 27 Jun 2021 16:52:34 GMT

GET
H2 200 otSDKStub.js Show response
cmp-cdn.cookielaw.org/scripttemplates/ 13 KB
5 KB 44ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2598fd0548d38d4414901e577ef33247f82a30acdb68a74236496143f7077192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JVAndnKaGjIy3NFOrT6xPQ==
age: 317
cf-polished: origSize=13478
last-modified: Fri, 05 Feb 2021 17:39:07 GMT
vary: Accept-Encoding
cf-request-id: 0aefd9f6d800004a555d8ac000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 843842a4-201e-002b-2560-1f541a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 665ff904897f4a55-FRA
expires: Sun, 27 Jun 2021 20:15:12 GMT

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 113ms
90ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70900002be967a75000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 491d1416-501e-0031-256f-6b35c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dc872be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 107ms
84ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70700002be9aa3df000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 74294670-801e-0050-186f-6b1686000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dc952be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
2 KB 99ms
78ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70700002be931993000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b22002f9-b01e-005b-636f-6beded000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dc932be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 180ms
160ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70800002be9b5870000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 74294685-801e-0050-2d6f-6b1686000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dc9b2be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 192ms
172ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70b00002be918331000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 98648dc9-701e-0009-266f-6b9105000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dcaf2be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 104ms
85ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70900002be9ad324000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8e0b88f2-c01e-0041-6c6f-6b8c32000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dca42be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 192ms
174ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70a00002be918330000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 491d1435-501e-0031-416f-6b35c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dca82be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 112ms
96ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70700002be9afb2d000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 928cedb3-101e-0020-706f-6baf71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dc912be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 187ms
172ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70700002be91832f000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 74294683-801e-0050-2b6f-6b1686000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dc8f2be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 100ms
85ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70900002be9463a8000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e777cc1b-a01e-0025-776f-6b7daa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dca72be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 112ms
97ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70800002be991afa000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: da82ad79-101e-0042-6b6f-6b6d56000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dc972be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 110ms
97ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70900002be991afc000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 931f05ce-d01e-002f-146f-6bd91d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dca52be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 99ms
87ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70600002be95b315000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1d0ca185-201e-002b-7a6f-6b541a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dc8e2be9-FRA

GET
H2 200 bottom-center-default-global.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 3 KB
1 KB 97ms
85ms XHR
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: tXBT16ktnX7ktreh09r26A==
cf-request-id: 0aefd9f70600002be9669c1000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d254423b-a01e-0035-196f-6bb8c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff904dc8c2be9-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
408 B 52ms
30ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 665ff9058d4d2bd2-FRA
cf-request-id: 0aefd9f77500002bd256b98000000001

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 28ms
27ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 173 B
360 B 31ms
31ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7b52dde4-887d-4828-bb83-2c7c73361755&nocache=1624810512237&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=300x250%2C300x600%2C160x600&divids=mmt-168c2501-db28-4f81-a42c-421822f063eb&aucs=&auid=539370378
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 44c7595c7616f1d5a528c80e4732e1adc4206f31c1126a6b85546357b6f78881

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
567 B 160ms
127ms XHR
text/plain 52.72.175.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.175.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

9c7c1fa4f1cd4a94f5865e09ed103a1c208756cabd8be5d55b5dd704975adfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 140 B
692 B 63ms
62ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22100510e074eaab11%22%3A%22177369c437c672237248%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDS.C%22%2C%22101ba8df6ff54389%22%3A%22dcc4cd9596e80d497120%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDS.C%22%2C%221021b12a9e1225b7%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDS.C%22%7D&ref=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&s=08fafb72-92b2-4074-a80d-151dc52e3a0a&pv=9e380750-8186-4500-8e45-011918686a40&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

f1038210fbb931b00eb5448b6433bff41d59925484996b802ecc82f89fa4fb66

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:12 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 165
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 57ms
56ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

61d495d8536f5fe622fd3d8f38e49157575fa6089a1af7f214f94f6eb8c1ec51

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:12 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ea87b9b6-49e0-46e3-8d42-eb1ca925b4e2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 35ms
35ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95542&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 40ms
36ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95544&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 39ms
36ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95545&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
226 B 44ms
41ms XHR
text/plain 52.17.188.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-168c2501-db28-4f81-a42c-421822f063eb%22%2C%22callback_id%22%3A%2211067ee6b610ed72%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&bust=1624810512241&pr=&scrd=1&dnt=false&description=Stop%20struggling%20with%20those%20curls.%20Find%20out%20how%20to%20care%20for%20your%20daughter%27s%20curly%20hair%20(or%20your%20curls)%20with%20tips%2C%20tricks%2C%20and%20advice%20from%20other%20curly%20girls!&title=How%20to%20Care%20for%20Your%20Daughter%27s%20Curly%20Hair%20-%20Tips%2C%20Tricks%20%26%20Advice&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 261ms
258ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: a0e15b3008ff0758230aeed2aa0f561fe61082f59136c3ef7bbeaaf7c1eeb762

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 203ms
200ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x600&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 675ed6c8b6651c2fa81d779adfab9c6b20b19e76e49651b1e3487a68887f22d3

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 166ms
163ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_160x600&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 243340307167f5bd8847e2fea6324a9fcf6f201c2f3867bfd18fc9919b5ab216

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
84 B 25ms
23ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
cf-ray: 665ff9059eb04c9e-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0aefd9f77f00004c9e57a21000000001

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
634 B 113ms
111ms XHR
application/json 18.211.29.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.29.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: 3da855756d952f2de9bc25a89e94be01895d9bfa2618c715470bfe3c7bde650c

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
115 B 118ms
117ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:12 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
115 B 67ms
66ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:12 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
761 B 120ms
120ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 136a2ab137338e37851efa49d09d883f939a483cd6f609b76b4c416abcf54c29

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 107 B
853 B 52ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=babesinhairland.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062404.js?31061706

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=babesinhairland.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062404.js?31061706

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 65 KB
26 KB 573ms
571ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3048066275316788&correlator=869148958870614&output=ldjh&impl=fifs&eid=31061706%2C31060400%2C31061003%2C31061415&vrg=2021062404&ptt=17&sc=0&sfv=1-0-38&ecs=20210627&iu_parts=20842576%2CAUU01M%2CAUU01M-DDP.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D1%26monu%3D728x90_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dnot_approved%26ix_eb%3Dnot_approved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26target_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1624810512&dt=1624810512280&dlt=1624810509033&idt=1211&frm=20&biw=1600&bih=1200&oid=3&adxs=211&adys=7195&adks=1552028411&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&vis=1&scr_x=0&scr_y=0&psz=730x55&msz=728x0&ga_vid=251415359.1624810510&ga_sid=1624810512&ga_hid=1381641459&ga_fc=false&fws=0&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062404.js?31061706

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

5786cb29a5fc0b680709e71c8e318d4d751bf24e207689214db9e2638b04e5eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26400
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://babesinhairland.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D3C1 6 KB
3 KB 54ms
13ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062404.js?31061706

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 27 Jun 2021 16:15:12 GMT
expires: Mon, 27 Jun 2022 16:15:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 560ms
559ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3048066275316788&correlator=3369188920920597&output=ldjh&impl=fifs&eid=31061706%2C31060400%2C31061003%2C31061415&vrg=2021062404&ptt=17&sc=0&sfv=1-0-38&ecs=20210627&iu_parts=20842576%2CAUU01M%2CAUU01M-DDP.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D3%26monu%3D728x90_B3%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dnot_approved%26ix_eb%3Dnot_approved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26target_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1624810512&dt=1624810512309&dlt=1624810509033&idt=1211&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=60&adks=3778069295&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&vis=1&scr_x=0&scr_y=0&psz=1600x65&msz=728x0&ga_vid=251415359.1624810510&ga_sid=1624810512&ga_hid=1381641459&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062404.js?31061706

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4544acb7ac7d4390b2be6914690dbc8a6942bc49381cc34531f34438962dc813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7400
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://babesinhairland.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
226 B 22ms
22ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 665ff9060e822bd2-FRA
cf-request-id: 0aefd9f7c500002bd2e4306000000001

GET
H2 200 otBannerSdk.js Show response
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/ 366 KB
81 KB 41ms
40ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e760afd8b413ecb7bd30370d4e5e2bfd5a847e8dc2c0f0e39d7621eba92c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2hymstrqSFu7c4C3tsoodg==
age: 2620
cf-polished: origSize=374787
last-modified: Fri, 05 Feb 2021 17:39:17 GMT
vary: Accept-Encoding
cf-request-id: 0aefd9f7ce00004a5565393000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 992d63c4-001e-005e-7f60-1f3f36000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 665ff9061e0c4a55-FRA
expires: Sun, 27 Jun 2021 20:15:12 GMT

GET
H2 204 services Show response
g2.gumgum.com/zones/95549/ 0
276 B 41ms
39ms XHR
text/plain 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/zones/95549/services?dp=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&rf=&r=3.83.1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.83.1%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=9817fedb5be462d49a60039995f085b2f602fcc6&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1624810512372&to=-120&vpii=false&vph=1200&vpw=1600&productIds=1%2C5&gdprApplies=0
Requested by: Host: js.gumgum.com
URL: http://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:12 GMT
access-control-allow-credentials: true
server: nginx
timing-allow-origin: *
etag: "0d41d8cd98f00b204e9800998ecf8427e"
p3p: CP="This is not a P3P policy"

GET
H2 200 en.json Show response
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/d3a41f70-70b4-4dcf-8a71-84c30d7fbc6c/ 37 KB
9 KB 45ms
44ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/d3a41f70-70b4-4dcf-8a71-84c30d7fbc6c/en.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbafb4fa88edf10e79c8a8361b4eb2f365b5d5af700354e140af131ed2bcd208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: 6aAZFzb6UKpVDwi1VwLGeA==
cf-request-id: 0aefd9f81500002be91eb3b000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:34:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e777cc4e-a01e-0025-2a6f-6b7daa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff906896e2be9-FRA

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 252 KB
35 KB 23ms
20ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e28f989c45acf94de84baf9e08f9598c5d2c48d6c3f7b30d79be176676336a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vNf+MhzaceVC7sAH9uGwJA==
age: 3119
vary: Accept-Encoding
content-length: 35665
cf-request-id: 0aefd9f81600002be95312e000000001
x-ms-lease-status: unlocked
last-modified: Sun, 27 Jun 2021 13:00:02 GMT
server: cloudflare
etag: 0x8D9396B7A49B795
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1488ee36-f01e-0043-4568-6bf20f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 665ff906897a2be9-FRA

GET
H2 200 otTCF.js Show response
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/ 67 KB
15 KB 16ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otTCF.js

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a394d231cf4239d223b519366211f838236e4a3c2b76037e013bf8dabd43a749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: KgOdlQGhgiHAfAnDQiJaFQ==
age: 320
cf-polished: origSize=68680
last-modified: Fri, 05 Feb 2021 17:39:14 GMT
vary: Accept-Encoding
cf-request-id: 0aefd9f81500004a5520255000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3498ee4a-701e-0036-775e-1f59a6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 665ff9068f2c4a55-FRA
expires: Sun, 27 Jun 2021 20:15:12 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 41ms
41ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
226 B 41ms
40ms XHR
text/plain 52.17.188.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-80284279-b7da-4f76-b2aa-5bea9f07f95b%22%2C%22callback_id%22%3A%2213230d597122dad2%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&bust=1624810512452&pr=&scrd=1&dnt=false&description=Stop%20struggling%20with%20those%20curls.%20Find%20out%20how%20to%20care%20for%20your%20daughter%27s%20curly%20hair%20(or%20your%20curls)%20with%20tips%2C%20tricks%2C%20and%20advice%20from%20other%20curly%20girls!&title=How%20to%20Care%20for%20Your%20Daughter%27s%20Curly%20Hair%20-%20Tips%2C%20Tricks%20%26%20Advice&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
763 B 67ms
66ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: ec30ff8fa57c8addab76d43208f9607f485c0abd64b7dbccfa4e8e5a44b1fd57

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
61 B 24ms
24ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
cf-ray: 665ff906e8b14c9e-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0aefd9f84f00004c9e7c01b000000001

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 173 B
355 B 31ms
31ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fed11225-c9ad-4819-97fd-b331a3da59e8&nocache=1624810512454&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=300x250%2C300x600%2C160x600&divids=mmt-80284279-b7da-4f76-b2aa-5bea9f07f95b&aucs=&auid=539370378
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4f165a5cc596ad4fdc6a35632841b126f1936e8c2d972f828a271f29940a908a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 42ms
42ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0f7fabf9f87c312ec0836ed9bf44e7d97de0594fee5cfc3c46567871670b99ba

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:12 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b2658131-9e53-4b34-84c7-f2345c91edff
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 75ms
75ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 9440bbc7e43fa576e1ca35a4f4c501a46115180d3d6ac3188965ebb711cfff68

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 298ms
297ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x600&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 0469df31d92093bd8e779bb3f5925ff458c6e1ba022b5fdcc10b37eb70be67bd

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 123ms
74ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_160x600&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: b09a18afa6c958f20492e1605db0397d7d99ec116f324e668a56131b622beb1f

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 140 B
659 B 59ms
57ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221489655fa6bbbe68%22%3A%22177369c437c672237248%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDT.E%22%2C%2214981e3913326de3%22%3A%22dcc4cd9596e80d497120%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDT.E%22%2C%221500126e62d210d1%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDT.E%22%7D&ref=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&s=4f00aa1a-e57c-4178-808d-85568d7005d5&pv=9e380750-8186-4500-8e45-011918686a40&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

51b6309ada49254e25272f0a5855f9b151c1ef6908a5d4717f0bdfb767364d9c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:12 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 132
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
638 B 112ms
111ms XHR
application/json 18.211.29.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.29.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: 3680ac311a8a337cbeceb7c1e4bd14e69940b8196571d296896be9a3b9a2cbd7

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 40ms
38ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95542&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 41ms
39ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95544&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 40ms
38ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95545&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
567 B 123ms
122ms XHR
text/plain 52.72.175.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.175.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

db6dc3bc02be74485def19aac48f64b6ee44661b70ff8e8d71a4167a55aab291

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
115 B 67ms
66ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:12 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
115 B 84ms
83ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:12 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 200 otFlat.json Show response
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 12 KB
3 KB 52ms
51ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/otFlat.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: IQRggZnL4QDFwfiXP8gbfQ==
content-length: 2822
cf-request-id: 0aefd9f8d300002be96a37f000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:39:03 GMT
server: cloudflare
etag: 0x8D8C9FCEDFA3E76
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8e0b8996-c01e-0041-046f-6b8c32000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff907bc8e2be9-FRA

GET
H2 200 otPcCenter.json Show response
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/ 47 KB
11 KB 49ms
44ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/otPcCenter.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: 6SSYYj+cvj/lp8HQvP6bVA==
content-length: 11379
cf-request-id: 0aefd9f8da00002be91713f000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:39:05 GMT
server: cloudflare
etag: 0x8D8C9FCEF4A85A1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 742946d7-801e-0050-746f-6b1686000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff907ccb12be9-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 5 KB
2 KB 49ms
49ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/otCookieSettingsButton.json

Requested by

Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: CaGQ5l/lz/RAB/LfzD6w5A==
content-length: 2178
cf-request-id: 0aefd9f8da00002be984ad3000000001
x-ms-lease-status: unlocked
last-modified: Fri, 05 Feb 2021 17:39:05 GMT
server: cloudflare
etag: 0x8D8C9FCEF05A5C6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7c46b949-b01e-004b-1c6f-6b2885000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 665ff907ccb32be9-FRA

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 96 B
648 B 55ms
54ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2216473c95437a7615%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDA.B%22%7D&ref=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&s=889b3a5d-5a1b-4d16-a65e-3c8562621f79&pv=9e380750-8186-4500-8e45-011918686a40&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

2b94bd7db3d6e8b7991347e7c86bf2bb6c09f0fc6acb38d6a27450e0bed2299f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:12 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 142 B
1 KB 65ms
65ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d67b75fa452095cd2bd0af0648a033192c404aa318b0c22377ecb2f0782f18be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:12 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a70d34c9-bd58-4c4b-a960-53024cb8a0be
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 491 B
982 B 65ms
65ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=7ce595b2&pi=2&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 561e2b40a325b2f41cadcc46fa73314b536cbacf5e626134dd7b3c787247d3b3

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
567 B 125ms
124ms XHR
text/plain 52.72.175.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.175.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

232b938c178e8f4d5848c2af4b06cce03e8f3a73988b07c323bfaa66dfbd8744

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
761 B 122ms
117ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d0a4d8961da84b2fedb041cdd3604453070081e9476d9d93664ecc1f27b9a1c

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 58ms
57ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 249ms
248ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_728x90&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 54aa1201cd6dba8c88cb7ddf7d64db3e1f92a7014b7d3d9697a264dc8c3c2656

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
61 B 25ms
24ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
cf-ray: 665ff907fb104c9e-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0aefd9f8f700004c9eae973000000001

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
226 B 59ms
57ms XHR
text/plain 52.17.188.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-df98e700-2954-4a18-a169-750c006510ee%22%2C%22callback_id%22%3A%221802309da3dd319f%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&bust=1624810512619&pr=&scrd=1&dnt=false&description=Stop%20struggling%20with%20those%20curls.%20Find%20out%20how%20to%20care%20for%20your%20daughter%27s%20curly%20hair%20(or%20your%20curls)%20with%20tips%2C%20tricks%2C%20and%20advice%20from%20other%20curly%20girls!&title=How%20to%20Care%20for%20Your%20Daughter%27s%20Curly%20Hair%20-%20Tips%2C%20Tricks%20%26%20Advice&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
638 B 112ms
111ms XHR
application/json 18.211.29.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.29.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: c56eb126bf9d0593a343577d1ad43c540682489de9c6f92398a9dec14de5a967

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 173 B
355 B 54ms
53ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=30a62352-270a-41cb-bbdd-d8d797354231&nocache=1624810512621&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=728x90&divids=mmt-df98e700-2954-4a18-a169-750c006510ee&aucs=&auid=539370378
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: c031263250d6665b2f7296052dad9c1f275f828aae55166d42a29e9c450c303b

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
567 B 140ms
139ms XHR
text/plain 52.72.175.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.175.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

1ce633f8f5f2d79bdbffe23d710faeacf04ff4e705301d2f0b54eda82ff36977

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
115 B 286ms
231ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:12 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 66ms
58ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a7ae56c41706391dee29d763058beff0746e76c75605dfbe86d4752d43dbae51

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:12 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8c92c38f-3e57-42ac-bbb5-aa346e488e6c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
226 B 60ms
42ms XHR
text/plain 52.17.188.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-b6ca773d-eea7-4536-92fe-b03c0d8e826c%22%2C%22callback_id%22%3A%221938726a01df0913%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&bust=1624810512648&pr=&scrd=1&dnt=false&description=Stop%20struggling%20with%20those%20curls.%20Find%20out%20how%20to%20care%20for%20your%20daughter%27s%20curly%20hair%20(or%20your%20curls)%20with%20tips%2C%20tricks%2C%20and%20advice%20from%20other%20curly%20girls!&title=How%20to%20Care%20for%20Your%20Daughter%27s%20Curly%20Hair%20-%20Tips%2C%20Tricks%20%26%20Advice&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 57ms
40ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95542&pi=3&bf=300x250%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 321ms
305ms XHR
application/json 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=95544&pi=3&bf=300x250%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ns=10240
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 118 B
670 B 85ms
70ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22198e7292b7db02c5%22%3A%22177369c437c672237248%7C300x250%2C160x600%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDR.A%22%2C%22199371c1c44f3a08%22%3A%22dcc4cd9596e80d497120%7C300x250%2C160x600%7Cgpid%3D%2F20842576%2FAUU01M%2FAUU01M-DDR.A%22%7D&ref=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&s=2b0269f7-7b62-4c74-a03e-838249cd5f2d&pv=9e380750-8186-4500-8e45-011918686a40&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

1e6deff6571292275cec05a7ac91e6319d920bf2748cb43d609972972b065c9c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:12 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: http://babesinhairland.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 143
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
639 B 125ms
113ms XHR
application/json 18.211.29.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.29.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: 149cdeb40c5b271cc07c7998d19c5e6782d3c22b5cdac59ef9351cd16f7998ec

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 40ms
28ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://babesinhairland.com
date: Sun, 27 Jun 2021 16:15:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 173 B
356 B 63ms
49ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=50211733-490e-42b8-ae2d-993ef3689e14&nocache=1624810512666&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=300x250%2C160x600&divids=mmt-b6ca773d-eea7-4536-92fe-b03c0d8e826c&aucs=&auid=539370378
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 8477899c5bc12b892506084c53e431f8ee7f9cb8d00f547bc059592691a65330

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
server: OXGW/16.209.0
timing-allow-origin: *
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://babesinhairland.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
61 B 40ms
29ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: http://babesinhairland.com
access-control-allow-credentials: true
cf-ray: 665ff9087bf24c9e-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0aefd9f94b00004c9e7fa15000000001

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 411ms
397ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: cf5d69e59912ef4e959947c0b499323219d6431820f479878b28e6dc3423df13

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:13 GMT
Server: ATS/7.1.2.128
Age: 1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
478 B 161ms
96ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_160x600&cmd=bid&req=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F&req(url)=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 24987fd71ec2937658136c43fd91d083e36c1896d5d2e72418ef303554ad649e

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
761 B 306ms
296ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a59572ff910006171a796b3e6f25ae1f052f4bd5d9f0fd635722c01649122e8

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Jun 2021 16:15:12 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://babesinhairland.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cmp-features.js Show response
cmp-cdn.cookielaw.org/consent/cmp-features/ 8 KB
4 KB 44ms
44ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp-cdn.cookielaw.org/consent/cmp-features/cmp-features.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

358a6fb3a6bbdcfd11f73307f4b23453770b4e1a0d49205d240fe4ca4593733f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9u6YIWGeNVQg6qhQV2zLqg==
age: 317
last-modified: Fri, 05 Feb 2021 17:34:27 GMT
vary: Accept-Encoding
cf-request-id: 0aefd9f9c500004a553ca05000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fa714143-801e-000d-2360-1f1c02000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 665ff9091fdc4a55-FRA
expires: Sun, 27 Jun 2021 20:15:12 GMT

GET
H2 200 container.html Show response
0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 482F 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gpt/202106181457/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 27 Jun 2021 16:15:12 GMT
expires: Mon, 27 Jun 2022 16:15:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062404.js?31061706

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624469958711216"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27719
x-xss-protection: 0
expires: Sun, 27 Jun 2021 16:15:12 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 37ms
18ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021062404&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062404.js?31061706

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d404588d4854e9e54155c95dadbea51a7536d04bfdc3f4d10d69250433c253e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Jun 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0

GET
H3-29 200 container.html Show response
0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9FDB 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gpt/202106181457/wrap.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 27 Jun 2021 16:15:12 GMT
expires: Mon, 27 Jun 2022 16:15:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062404.js?31061706

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 27 Jun 2021 16:15:13 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 451A 624 B
795 B 17ms
16ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COOA3AIQ5fvLmwIYqMKfrQEwAQ&v=APEucNWSCbd3FR9L7LKJYr7CPQCB1HZ_sKMx75gLdXyNbNWCqjyXVngz8WZilUysVy4eWdj3hkS2ziwdYKZ3TO1x4sPTochT_f5MxiAQoHyujJOzhW-JQUZuoU2wGhWEMzQcI_Zae2xc8OQn33RvlgdEaOq9zSdkciDKPdDAj-xksOZTN4a0Cjc

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COOA3AIQ5fvLmwIYqMKfrQEwAQ&v=APEucNWSCbd3FR9L7LKJYr7CPQCB1HZ_sKMx75gLdXyNbNWCqjyXVngz8WZilUysVy4eWdj3hkS2ziwdYKZ3TO1x4sPTochT_f5MxiAQoHyujJOzhW-JQUZuoU2wGhWEMzQcI_Zae2xc8OQn33RvlgdEaOq9zSdkciDKPdDAj-xksOZTN4a0Cjc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 27 Jun 2021 16:15:13 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUl5VvjGJiRO4fZ-2qWM3xqb-3ftSHur5x1IPdPcZx9wXwIvmWjLPVv-O1wg; expires=Fri, 22-Jul-2022 16:15:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Jun 2021 16:15:13 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 482F 111 KB
39 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Jun 2021 17:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jun 2021 17:47:06 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/elements/html/ Frame 482F 6 KB
3 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Jul 2021 16:04:44 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/ Frame 482F 17 KB
7 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/abg_lite_fy2019.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Jul 2021 16:05:23 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 482F 42 B
63 B 45ms
39ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BDZ2kbrxuhdEsz4fqXIgJSVd0FJoQOrL6iSz9MWJ8A-2XJzb0UrO7DHYDRCkZWi83h-JJfnVfwVprWjV2_19So7ZQut1d4BlrmUceu4r1qY2FdktQ

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 482F 3 KB
1 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Jul 2021 16:11:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 482F 125 KB
38 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:13 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624469964731542"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38558
x-xss-protection: 0
expires: Sun, 27 Jun 2021 16:15:13 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 482F 13 KB
6 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Jul 2021 16:11:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 482F 0
0 15ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxbG-U-98Hk9YH3ETpzle83FAHH48yRkAeneuiBYHA_OiiErGrlvKFsf2fIzQGsVvkahTki0wxw03B383sw_UtQtbF8A
Requested by: Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 482F 68 B
345 B 330ms
29ms Image
image/png 18.158.188.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31f9741omk&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0FVVTAxTS9BVVUwMU0tRERQLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTliOTg0YzAzLWI3NDEtNDBiMy1iZGQ0LTM0MDBkZjVkMWYzMSJ9fQ%3D%3D&sb=undefined&cb=2537009&h=babesinhairland.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.188.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-188-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:13 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 919F 640 B
316 B 16ms
15ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHFzgEQz92pAhj-g4mqATAB&v=APEucNW5E3J1TfubULHWyjX_rVmC9l4DsQInbwEj6ak124jaQUhzIVUGuTZlux7UwEfYJJIr3ZFKlkd-7j_wuL1HWpCDgfGGekq9uT-1fOzGL8fvVVFEGkrxcS-7C90PC1V945uZ_RBqSlWr2Y0kE-dhAaiP6JSyLk-joAhvce8ogvDqB5Xa1KY

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COHFzgEQz92pAhj-g4mqATAB&v=APEucNW5E3J1TfubULHWyjX_rVmC9l4DsQInbwEj6ak124jaQUhzIVUGuTZlux7UwEfYJJIr3ZFKlkd-7j_wuL1HWpCDgfGGekq9uT-1fOzGL8fvVVFEGkrxcS-7C90PC1V945uZ_RBqSlWr2Y0kE-dhAaiP6JSyLk-joAhvce8ogvDqB5Xa1KY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl5VvjGJiRO4fZ-2qWM3xqb-3ftSHur5x1IPdPcZx9wXwIvmWjLPVv-O1wg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 27 Jun 2021 16:15:13 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9FDB 59 KB
24 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmBX-rSRnYqlU99-0o2U0K7ZiRr6w7MdFsK5LP2qkLW0A7nBiwWj2D_3zLQnRYKZ46ARXmtUtXRkk2IgYtsyL91o0-dkmAA2RlCZo1ldvS5BdZuLN5eWfPvCqI5jBZB0VfKPaVIclDTAGMLrccbcSd9a_tLA&dbm_d=AKAmf-Agka8lL2KVVmDTY-kDDnRbATAhrmxlVU3PRJ2IA4TBa8020KJyWs_GpIppw9O0vL-wtCVIRfdA6UppL4Q70-jIwWrHddy9dKdn4um1I1qbSmJRCvqMWz5ffayG_fIDJqf7n-xWSKu4CoNpegmzWPoYxWgyZ852PBXQOfnT4Og5YduGF62Sd1MKCjSlZ9Yug-TWoP2vWcMVWiq235c50-UW5obF6T3FquoPAf_-iGiqbdrhAreSQ9v1EZkFJN3KgNWkeZrGH6AhhNrpEqr3Zzh_F40wmk3gdx4kf3Jqt3214islsB0VhreqdiwSIsgndhtnOq8mzyhKwE1v1eS4YVTQL2NYvE6Ky0wM3wkxYHdesHeOTHxTGrf_54zKQgAHryHBz8bEkT_9s2UNkl7qqF3WFakMnmgWhI7yQI2eCwfELJnpw1SxuLrlhelWV07GwYlpFwop3xmweRGaJoe3DjZHaHPa5GR8sJj9v6AmV74fugrmmxFGmMFwen9tJS3H5RqFaLasX-MViWP97hbJKp0Bfl_FeTJDglbFQdJoZTpcgKIYTOGblN1OAJh7ixmOIGM9clM037kSVuhO9GvoZzmxxi6nlvVPj06D41aALvWdiJNJVmdwujtQqXxXjSuMuTnryl9maQVQ-9CEX9NW_1nyq7JXXsgSwpmwfgMNMDPDxVYTS9jA2QD0Vhn9PHFoTUYVMJtdGR138Kz_9CHFCdPP1sJrgNJsJmf5Kqt-zDd9BUz1a4bOJnjIi5JCCgLig4fnb-0-swZ7R0guCptTBW_LcAqtnFg4VsYmJxOzysYpMi4Nka80SKA2IgZU1B8QJIYDHQid7IaXjfwbTsdY0H3GvqHBC9unVYQ_bjvKi0awNGVGwPOsnrxMz6kwMVsPG1RBVDRwwfQIV3a4JikZSKveTg2B_1Th1F6PFe_yBr2eiXHdB-Z-yHaYWY69iRUGUktJonjII3sNkkrv5tPVGtPworftcKOXsH-0NPzJjZnz564_tb0eAq0zf_QhztdLzxtykvHJbbjdk9p7CXRFqwI-0pmEGyuED8yTsqhBNIY9GJKngDpdBpyC9BqAtaNlOrqa25YfBM5u5VMLzqk6W7YFhg99FNl7s3sbcmwpofWnTN23y0uaGUYXzHplEV0pxRlKHOq_gnpym_3OB_bc6K9uXkNPpmhaQ5jJqnMHvVW7rXTiSIOzZRh81KiMdrvmcXIcLxcQ0pEbZdujifuAINCEp5GqU5YK36zTTQMrlM--CBRDGIW962IB3YZzqtFJiXlh4q_o73W-MNRb-3L5uCH0mZAA2bQotkCHHu9C3n6muN1ava49U3sTT10aU2JN9LHVGAeJuppIJhUyvAQuH4TnSDREpQtic8AOQc9IeWTWmpRKw4FvfnPgeNqnxaIb0TZmzf1JXgHhKIjLuw8_loK2ydu7Ibnac5i6NS_pqLDPYhudOeLqyrjjIUcBQUdElCwmWP-wzBav26ETKR89PF6yNEN1Q_j4jGsEs0olg-qh9W70EzLv657f9HqffKfUCiPotfvUWOHwlMcWnItGwxqFo3TxqBDYIZeTi0-wsjhSqiYOTWyOi7QbZNl2wx9bQ-z5o2_kc3o2Wxbh9rb-zapWVXcOw1bCq1PcvS4tY-VApM2kCEQalbGbrTw-VQ8NKb30HojPo-hIbxTTBOn290LAyP8K6K-3aFzVIGntdFT_cATDA_a_ZpIy4nbWaisYZnD7pem6oZ9BI-DLzYIxhWfszuQNKlQ_FGrA-AGRMFmdw6uFcSe7sRBZr5TZOTImdTRsan9fdqGzSKVbVY23clyjNAs1uqCm2DLO-ItiOFLXRE4nOeSusAJxEMzF4bFLjlctYNl3pVZZFPFhVC3EXcgHa_3o3fR0Jy3NdGfNtUdjnOyxm0-hoPyAp7jQqyrtoDj7iokc5HOlMjT-l5VJ2TQ8ouMZ8Orqw7O4PWjRhJa6u_5SIe2ymFkTfO5bLTH_iModm5ATxHTkbw3Snmpto4MG2QYuR4HkRlUoQvGq-ckkYzHaF60VtyqfIq5vQhymtQxhMIEBgXX48sjYH8bevyxiE5G6WANO7apchQbemSGj0RRkeWWuL7UT7aSZei1_bAq-LLWtSQlQROebswYzf7WXRCuBObSxoAxyIuHIoZiG9MyOxFwuOEJ40E7aBLdusijqgV1MgFZ5FWdjLHZUKOxJsux3WzbSgmPG26WH2OoNvDukUOzmnbpC22cza7cX56_absSefHK-CqSxBolSoWgnYXWKI4eLD28cCWyGqBjeJ_UZqsum3mw5EUWjwBwUCYW-K16KvrGk-qg2z8KOK7zjufDn6az8PI52vNnfcAev8HISwCOKKwajAMa3t4pWbUntZrvu2wNASOBvk3Gc_aTL4o07rVCaDaA_TfrhhlAIwe9wXtlW7RCC-54e38c3alNh-SyWT7nC0whnQ2yCKqJL_avHZq0BYHH9QHsKb0NG6nQdxqyHJGTDGWpv3iJmmN48MFJNLCom5G0Cy_sBvzb2yjNRhMAcx5-HxMQ6snmsoWLApK4q4Ji5_RGxCuf6LwYR3Hg0tGqIPJcZ9GG0tw3nYsz3ZMQV7ho8JNn2yV4OSmYi5NvXb5Ba_fKlwhVOSh4aFYA31h2Dlh_uU4dgDEESKQLg8U3beA5Q2BjWs8ipPIEwvpmn7Qzf9XYoaVk5EIclaHRI8pcUou3HZrPM4s34QgGdvrHVRtp_5Si-QifmQVQxCIaAt63i13JZFFu5UIf69H3VxFCxg02zR_IpTQJ48lADao-0Dm5L2GEH_n6VWtINAN7qkM0qV0QicnkQDnj09tYPd3s2d5fsi-xCPcIT9YetE-qnyeRxUjPhAPTwJnN98sWDITkpQG9wQr8B62cCoFN7GC2h0OriqAdT27VftK1W4Q7Carzdx-XjCU3AXozsDKd9aKCkIaVGzQEEnlp2l6onq5bfTpFt_MG4gs2l735EHBSRo00K2YxxVSLaEJmhqTvPKSqvsHS6FfnIS14qr129XuJ5qnQnILcwfVKWpdCb7HJaY6a9KzRRkhFys82LtxCzCBeQcJ_ZE51iW-6BfPuzOw1kcBVlON607-LiRpRXFMLwxY87L6VqHnjSIY6B7jXqeVNHiCYbqEJYUXxtLomqIAnvoa6SuAS2Dgm-oBjdfRQKccxu7Z7E0K4jf_mBnO3nNtEyShdu5kKLr0Vt5sCj0jElCcQ9HEQb14faGbE6QQPaF0mlOEYH6TPr0wAx1gOHLmlC8LP-TThvtiK-wtRp&cid=CAASFeRoHoEmw4NB9mlWKkice18Hst3n2g&rfl=1%2Chttp%253A%252F%252Fbabesinhairland.com%252F%240

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11e6d135d2832f483dafa7529525846faefb511d2dd73100e1ac3fd103db3f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FDB 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0ZCVClgqT8Kbl6XYRO3CKo-voWqtyi9c3fz_BtG-33rE4faRvDTff6lefa7ReRESJosYCkBFxhszOA2Gs15LZCpmtGMs6s9hfeKMkrnvQp7geUZo

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 9FDB 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Jul 2021 16:11:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FDB 125 KB
38 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:13 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624469964731542"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38558
x-xss-protection: 0
expires: Sun, 27 Jun 2021 16:15:13 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 9FDB 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Jul 2021 16:11:42 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 9FDB 68 B
345 B 257ms
30ms Image
image/png 18.158.188.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31f9741or2&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0FVVTAxTS9BVVUwMU0tRERQLkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LWY2Y2VlNGI2LTcyNWMtNDAzNC1iNmQzLWQ1YzEyYjg0NWVjNyJ9fQ%3D%3D&sb=undefined&cb=7067944&h=babesinhairland.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.188.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-188-139.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:13 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6493 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sun, 27 Jun 2021 15:18:38 GMT
expires: Mon, 27 Jun 2022 15:18:38 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C7E0 783 B
532 B 32ms
29ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9e263a42e214e343e1e18f6b0ab2d0dc57cecab21e1d481a3b3345ca918f4f67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y1USRr2X6XiJh1aoKve+QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

expires: Sun, 27 Jun 2021 16:15:13 GMT
date: Sun, 27 Jun 2021 16:15:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Y1USRr2X6XiJh1aoKve+QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 482F 0
592 B 144ms
69ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9ZhyE0ToQu8jGOByIjiFsTVb20Zsp5-CDyCSfau2AJGIW2rO0iEvQX4uwoSI-wKa4eJty7NsoJw2Jg2zLe5kPoEU46a-8n9xpqA-3D_d0lA1weHOdDyotNOlstVHyjKGFx-Q0pGS14oWJsgTJIhxy-wTH7ekGfJdkjO2OCR9xs9sEhUDEOIzr84th7x5k8TVrgs9nsiwdGPEckqobClGCZhXIharNye_G8E4HD1o2nw7Jr80-ircgm7wGH4KkOFKmfRJb-DOaYOlLYvGc6q5dHgDWNaHRJEpEn2MDLm7EhMKjBq810cvxfvoBxA21CyLTciKYELqxy31IzeU9jTN15tui_lzhqtO5HTcAyRfmh0S2X59cALxB-cW4bUBQCE7BHTDROfAs31P3PPy5LSPScL96a_fPcB_4L4JmVvPhR8rAVLun9fpT6fiGkOXaTPKXYxX_VmITZeTxURTcfheLUwCO75HHwBE91XqnwxUOJRgr45DftOUrIlW85qdsJztC-3nVYw_F3H-1t1Uw7alH5CtmILjVYO9Tsg6rBBJo0Ag_qfcInbz3nDN7RRhEBMi64RAmaUBwWnm7DA8ZoKFPpRkwtQDAXyz7rERIqnVmWphtR7vniHHf3eXdUuvkMQB-8j5FumJ5XMaORMH_sJUYq07c46lquplnemhRxCL1CI0rqdPl0pu9Wq6N5aC_bJ-in2m4zxFzzCrM9yyH8Z-9JVxqrontkhksTuNZwaZlehM8wRkb_ntuvwA1zSDr-yR8DrwYPgZxuB-ADv1gCbq7oRupKMmoXAoz8daTtreI2npsXyVVvisigKZaZSgHrtbbEnaA15izsbb-7oT_4hDYEgVCNBC1xV1jqF8hAZU8QeA1LJx7Num0GFoIU9DZ-c6X2f_7wy80cJU26PCPmBZbn7xcUYqGoCTKta2FNCoNCwyqjLau-9mTIuJ-4T6PbFVsnU4U1He66pj61jVt4eWXul8L9BVG0Jxc7uaz9O1flqdBrW4j8J2SwNalzguY2ghu3aMkVuUnIo2hjO677AfOk65q2QUYQr6t0sos0SYa1PZ7ebAGv0VOVlHJI1pc5c521c8Nx0s8DYoEHPjwU5mf4bdjWbRyg6jJqnCdBNpAbPCZSwsPQD4s9AnRT_botZih3kgx1r2mTiWxWQ&sai=AMfl-YRQfGarqhKm8qk-uzEZ6z60qc8ZWnugnsmtQ-Wry_R7oMXMjkb_QNagXnV7kSt9p7kMzucGHsXE6PpJxPs3Ct8H2SEZns7wfm2n98tR1k-5dRtvuG36Jkm8qvvvZHoW9y9vl0niZwjZEKbvOh80daXWIQFobFQ_D6IxAJQR-RMDpkl3q3uuGDP5vdTRgd_gioxQftnpd-bf77tEL58I6oKdmeHurtu2u_1emAIQVNp9NXy9hNzU245g7kx8QW3o20a0MyVvwBE1Q6b5XXGlzJJPrq1RB6qeJB2DTmscgkw4YH1T1D1WtWQ8XAJjAZBalamAMA13ZzA-3HQ_ejNotmXXCQrkR6c1JrnqCnj6it2inQ_4iMxXsHyJmFRhhEAUrMPneuRQ&sig=Cg0ArKJSzNfco5yNoN-LEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=154&cbvp=1&cisv=r20210623.05084&adurl=

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 27 Jun 2021 16:15:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 12234702606192415794
s0.2mdn.net/simgad/ Frame 482F 34 KB
34 KB 36ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12234702606192415794

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4035a1d0192c92fbc955e7a5d055531c7b95d45351554dcfd21fafc96dff0db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 12:29:57 GMT
x-content-type-options: nosniff
age: 445516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34789
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 14:35:53 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 12:29:57 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 451A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBudqgv7vLLlV4UYyHid4U&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBudqgv7vLLlV4UYyHid4U&google_cver=1&C=1

43 B
1014 B

41ms
41ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBudqgv7vLLlV4UYyHid4U&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COOA3AIQ5fvLmwIYqMKfrQEwAQ&v=APEucNWSCbd3FR9L7LKJYr7CPQCB1HZ_sKMx75gLdXyNbNWCqjyXVngz8WZilUysVy4eWdj3hkS2ziwdYKZ3TO1x4sPTochT_f5MxiAQoHyujJOzhW-JQUZuoU2wGhWEMzQcI_Zae2xc8OQn33RvlgdEaOq9zSdkciDKPdDAj-xksOZTN4a0Cjc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Jun 2021 16:15:13 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBudqgv7vLLlV4UYyHid4U&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 27 Jun 2021 16:15:13 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 451A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNikEcJyk9hLCOh0LWheMQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBudqgv7vLLlV4UYyHid4U&google_cver=1

43 B
894 B

67ms
67ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBudqgv7vLLlV4UYyHid4U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COOA3AIQ5fvLmwIYqMKfrQEwAQ&v=APEucNWSCbd3FR9L7LKJYr7CPQCB1HZ_sKMx75gLdXyNbNWCqjyXVngz8WZilUysVy4eWdj3hkS2ziwdYKZ3TO1x4sPTochT_f5MxiAQoHyujJOzhW-JQUZuoU2wGhWEMzQcI_Zae2xc8OQn33RvlgdEaOq9zSdkciDKPdDAj-xksOZTN4a0Cjc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Jun 2021 16:15:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGBudqgv7vLLlV4UYyHid4U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 451A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH4VGyEIMkB35O2DbYwmy8s&google_cver=1

43 B
1004 B

30ms
29ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH4VGyEIMkB35O2DbYwmy8s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COOA3AIQ5fvLmwIYqMKfrQEwAQ&v=APEucNWSCbd3FR9L7LKJYr7CPQCB1HZ_sKMx75gLdXyNbNWCqjyXVngz8WZilUysVy4eWdj3hkS2ziwdYKZ3TO1x4sPTochT_f5MxiAQoHyujJOzhW-JQUZuoU2wGhWEMzQcI_Zae2xc8OQn33RvlgdEaOq9zSdkciDKPdDAj-xksOZTN4a0Cjc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:13 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f1a172c1-0d42-43b0-9ded-defd59a6b401
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH4VGyEIMkB35O2DbYwmy8s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 451A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAzMDcxMjY0ODgzNjA2MzMwMw%3D%3D

170 B
188 B

68ms
36ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAzMDcxMjY0ODgzNjA2MzMwMw%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:13 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 41ad4fe1-6a82-49f6-a3e1-a5f0161ca656
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAzMDcxMjY0ODgzNjA2MzMwMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 482F 41 KB
15 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Jun 2022 15:17:08 GMT

GET
DATA 200
OK truncated
/ Frame 482F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1862f17a2d14dea1495a8ac565c81ac5968141f53de5927bc79b92741d05587

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 9FDB 111 KB
38 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Jun 2021 17:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jun 2021 17:47:06 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/elements/html/ Frame 9FDB 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/elements/html/omrhp.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Jul 2021 16:11:08 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/ Frame 9FDB 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210623/r20110914/abg_lite.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8676
x-xss-protection: 0
server: cafe
etag: 11618055936852703379
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Jul 2021 16:13:17 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 919F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB85RxblA7qFk0T3nR2_zj4&google_cver=1

43 B
114 B

29ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB85RxblA7qFk0T3nR2_zj4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHFzgEQz92pAhj-g4mqATAB&v=APEucNW5E3J1TfubULHWyjX_rVmC9l4DsQInbwEj6ak124jaQUhzIVUGuTZlux7UwEfYJJIr3ZFKlkd-7j_wuL1HWpCDgfGGekq9uT-1fOzGL8fvVVFEGkrxcS-7C90PC1V945uZ_RBqSlWr2Y0kE-dhAaiP6JSyLk-joAhvce8ogvDqB5Xa1KY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB85RxblA7qFk0T3nR2_zj4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 919F
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYxYmFkMjYtMmNlNC02MGI3LTU1NjctMzVjZDE0ZmYyYjc1

170 B
188 B

35ms
34ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYxYmFkMjYtMmNlNC02MGI3LTU1NjctMzVjZDE0ZmYyYjc1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHFzgEQz92pAhj-g4mqATAB&v=APEucNW5E3J1TfubULHWyjX_rVmC9l4DsQInbwEj6ak124jaQUhzIVUGuTZlux7UwEfYJJIr3ZFKlkd-7j_wuL1HWpCDgfGGekq9uT-1fOzGL8fvVVFEGkrxcS-7C90PC1V945uZ_RBqSlWr2Y0kE-dhAaiP6JSyLk-joAhvce8ogvDqB5Xa1KY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 27 Jun 2021 16:15:13 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYxYmFkMjYtMmNlNC02MGI3LTU1NjctMzVjZDE0ZmYyYjc1
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 919F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOQvuqw4O_6sj2TFbsVwLrw&google_cver=1

23 B
172 B

73ms
54ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOQvuqw4O_6sj2TFbsVwLrw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHFzgEQz92pAhj-g4mqATAB&v=APEucNW5E3J1TfubULHWyjX_rVmC9l4DsQInbwEj6ak124jaQUhzIVUGuTZlux7UwEfYJJIr3ZFKlkd-7j_wuL1HWpCDgfGGekq9uT-1fOzGL8fvVVFEGkrxcS-7C90PC1V945uZ_RBqSlWr2Y0kE-dhAaiP6JSyLk-joAhvce8ogvDqB5Xa1KY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 27 Jun 2021 16:15:13 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEOQvuqw4O_6sj2TFbsVwLrw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 919F
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDA3NjdlZjQ4MmJkNjlkMWU5NDc2OGYxNTE5ZWMyN2UzMDNmM2Y4MA==

170 B
188 B

34ms
34ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDA3NjdlZjQ4MmJkNjlkMWU5NDc2OGYxNTE5ZWMyN2UzMDNmM2Y4MA==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:13 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDA3NjdlZjQ4MmJkNjlkMWU5NDc2OGYxNTE5ZWMyN2UzMDNmM2Y4MA==
cache-control: max-age=0, no-cache, no-store
content-length: 197
expires: Sun, 27 Jun 2021 16:15:13 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EDC1 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 27 Jun 2021 15:17:08 GMT
expires: Mon, 27 Jun 2022 15:17:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK tag.php Show response
tags.researchnow.com/trackers/ Frame 9FDB 35 KB
36 KB 1013ms
694ms Script
text/javascript 34.246.229.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.researchnow.com/trackers/tag.php?t=js&pr=1432044599&f=728x90&si=6217969_303877940&pl=303877940&cr=151247521&dcr=1&did=&ord=3521613778&gdpr_consent=&gdpr=&us_privacy=${US_PRIVACY}&ccos=1,5,10,15&tcos=50,0,95&sc=1&dvis=1
Requested by: Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.229.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-229-148.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 () / PHP/7.2.34
Resource Hash: 2045a500bce2344d5fe28c20cf6ec7221f83cdc1c547c5c00a27e822cbe0564b

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:14 GMT
Server: Apache/2.4.46 ()
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
X-Powered-By: PHP/7.2.34
Upgrade: h2,h2c
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
X-DMAVis: 1
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 36186
Expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/8947800/1621401132077/ Frame 7761 5 KB
2 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8947800/1621401132077/index.html

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f00187b9639c398589c0bac3632be00aff6822bdfd90ef5a9cf655c4796ca4f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8947800/1621401132077/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2110
date: Sun, 27 Jun 2021 13:36:14 GMT
expires: Mon, 28 Jun 2021 13:36:14 GMT
last-modified: Wed, 19 May 2021 05:12:12 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 9539
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9FDB 0
24 B 130ms
99ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss80DpC99JAouJ_qHahTckUbkzvOvU_VLtetKnp-G7Qx4-uCDNDAYKAvjw6KF7hsdL8YOC8kHRK6L2Y7LmIsTnDM6f6oMCw8Ib_zEQkBtpjdcFre7ttqmZb9lTVoyAf3iB4UqAsMnAVUmB92Xp60fdiSPxoYRIowsa0CZ2aaSHFfL3euNAEb0x6dlK_VZdIPrJcpIwMxkfIQOKWFKd8c5ytjDO5RHXjUK9qBYGowV3XUmIkDpwoF8MxB42HkoGhaXGaBAyI_ksqSjTC6BtE-aMMBAqM8wohVIDfu1xc3eEC0TiMfI_CJ9yMr1d3wAjkIyM4P8RfSF6hSJk93iE5LqUWTzdN39N3dTXZTNZVStkZ0sQN_52JAEiT5c78PpcrvoegmookyExV00pU49ewf9PvxiHWrCebt05Lfn2YBqFYX9QIg9C45gx9-SgonvlkZE1Lun-Lh4vGfesBX2C-aQpij8rfsNpLo51z_aJTcl8_d7BH3K--M6x5hXPkO-4u_AHz9E4vQ-M9yoQT5Q_eS7tC9vVWWNGh-uOTXZ27dHiAp93fRkx8yIvBoy7bEPGGIhdE-vgpgmlU1UqhuUgYo8dKxshR5JwRuVTomzZ9yb3YSKP69F_uSsmvp1YN_X4df_ovS2jvTbXjrQ7ZoMzhbm-pASaidUydhBJwbeZjXpv-Cykai6sUvntQJ19NmLQn3oxlz2l678EU7B5ki-1tHNhwmMiaUZCu99GyF0ODH5n3QDlPHReyIOvcukX3x9aa5F_aFP8zIc45PCKGZ5_oZxQR4Swyxm9UxhNKLywgRHmCvtTeeDA5BUSE38x7lL8aPQf8l9371WHgcxJjZT0u5RUbdyU6R6PTm5odo7mnsirxXb1jwH9wUsMev7mr6U4jsLHuZi7Zgg_hq4lVHfA7m-gT2mD4uPTJCr89DppXvkllQn_2eg1pCXRbhiGY38GNJS0IIQBHLIfqMuQjUcZmRykSFe8RYjrdKf61Qwp4EFJ61D9JrNHEJQuo0sab6qjIK6mUXycS1lQE_b07Wez15Ln3Rv5MqtCdWPh7AHtk_FdvcfBVWLg8wJvV9a-4RpWX8wysrxRQhv4FgPzKBoGrljbLoOnRyxSey4ox6xCgdrVFQc59R-8S9-4NQiNZL0qzhMEFrMGZ1xCZ2sknsAhT1pmEn084qIyhE8Aim2GSC_ETjbv6OBCMqV5Sf3v45QwNMcHkbvUJ2shjteyUVt_IJJHN6AwimEm3b7-K1l6yCKI8mX8&sai=AMfl-YRafPnrWdy2LtE5RyHn-n6u5LRxcMj8pPkc5Rm3wDt3QOI3AyHSiEVkqSCFL9HILVQnHA3NRadwjN_L-FannYflySRbfG1ruKUvUvXMNFnngMRRNKlCBR_nmvteECAvpY_267mSexrHZZoCTElHUaws4Bcwwtx0jn2viU4&sig=Cg0ArKJSzCFmWj6OSGFjEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=71&cbvp=1&cstd=68&cisv=r20210623.15272&adurl=

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 27 Jun 2021 16:15:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9FDB 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 15:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Jun 2022 15:17:08 GMT

GET
DATA 200
OK truncated
/ Frame 9FDB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27596146639e0bf6bdeaaad22d97cf566b1d77a331ef862f6ded3e3ca27fd299

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6493 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 09:15:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 09:15:01 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FF38 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 27 Jun 2021 15:17:08 GMT
expires: Mon, 27 Jun 2022 15:17:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7761 236 KB
63 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8947800/1621401132077/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8947800/1621401132077/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jun 2021 16:15:13 GMT

GET
H3-29 200 index.js Show response
s0.2mdn.net/8947800/1621401132077/ Frame 7761 50 KB
13 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8947800/1621401132077/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8947800/1621401132077/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aef26df73dd11e9d8503ca9343209f3299b0779edfc9f0aa062414ba567ff46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8947800/1621401132077/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 07:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Wed, 19 May 2021 05:12:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 28 Jun 2021 07:21:56 GMT

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame EDC1 14 KB
6 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 09:15:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 09:15:01 GMT

GET
H3-29 200 index_atlas_P_1.png
s0.2mdn.net/8947800/1621401132077/images/ Frame 7761 57 KB
57 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8947800/1621401132077/images/index_atlas_P_1.png

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41da60c464524b8fc1e51031fbd4ab37a315d68da0bfc60e753eb12805d9e814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8947800/1621401132077/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 05:25:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 05:12:12 GMT
server: sffe
age: 38988
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58180
x-xss-protection: 0
expires: Mon, 28 Jun 2021 05:25:25 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9FDB 0
23 B 59ms
59ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 27 Jun 2021 16:15:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 482F 0
23 B 60ms
60ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: babesinhairland.com
URL: http://babesinhairland.com/curls/how-to-care-for-your-daughters-curly-hair/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 27 Jun 2021 16:15:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/1907043113059267957/ Frame 5CB7 16 KB
4 KB 8ms
6ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1907043113059267957/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cda16e6e287633ea9fd666d52eb64f2bdb59b692600652f3a36c5bde473c171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/1907043113059267957/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3816
date: Thu, 24 Jun 2021 05:48:19 GMT
expires: Fri, 24 Jun 2022 05:48:19 GMT
last-modified: Tue, 15 Jun 2021 14:35:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 296814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index_atlas_NP_1.jpg
s0.2mdn.net/8947800/1621401132077/images/ Frame 7761 7 KB
7 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8947800/1621401132077/images/index_atlas_NP_1.jpg

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e41d1eee8001790dfb75cabf50b494fb012a6e52718a75f3ce2eb9e9d728bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8947800/1621401132077/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Jun 2021 17:44:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 05:12:12 GMT
server: sffe
age: 81053
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7432
x-xss-protection: 0
expires: Sun, 27 Jun 2021 17:44:20 GMT

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame FF38 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 09:15:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 09:15:01 GMT

GET
H3-29 200 tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5CB7 108 KB
36 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36734
x-xss-protection: 0
last-modified: Fri, 03 Jun 2016 20:37:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jun 2021 16:15:13 GMT

GET
H3-29 200 bn_1.0.0.min.js Show response
s0.2mdn.net/sadbundle/1907043113059267957/ Frame 5CB7 84 KB
24 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1907043113059267957/bn_1.0.0.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c66afb28981d75b445d5d9d8341b9f6ece1c5bcf6efe7c7d72a74d8e3b9dc525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 05:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296813
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24499
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 14:35:51 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 05:48:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5CB7 224 B
337 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bebas+Neue:400&text=Profite%20nu%EF%BB%BF!

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1907043113059267957/bn_1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b80e20c55ca6ced56a296c20d794c7bdd2baa6322102e970f20ad964f607a032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Jun 2021 14:48:42 GMT
server: ESF
date: Sun, 27 Jun 2021 16:15:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Jun 2021 16:15:14 GMT

GET
H3-29 200 img-1.png
s0.2mdn.net/sadbundle/1907043113059267957/ Frame 5CB7 278 KB
278 KB 11ms
10ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1907043113059267957/img-1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d536bd5100377a6ab0510059b4238da9bfae51bbb8a58c14bc34611bde3a47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 01:29:45 GMT
x-content-type-options: nosniff
age: 312329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 284679
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 14:35:51 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 01:29:45 GMT

GET
H3-29 200 img-2.png
s0.2mdn.net/sadbundle/1907043113059267957/ Frame 5CB7 27 KB
27 KB 9ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1907043113059267957/img-2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06ba6278283e162e46704f5af3a999e583b5d0c6d937a43b1d64f494ec35fd81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 06:28:06 GMT
x-content-type-options: nosniff
age: 380828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27345
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 14:35:51 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 06:28:06 GMT

GET
H3-29 200 img-3.png
s0.2mdn.net/sadbundle/1907043113059267957/ Frame 5CB7 11 KB
11 KB 9ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1907043113059267957/img-3.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8b4d2c45268a19db7a754791b56dc60d49ae364f1ca58b0a5e172e961fd17d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 06:28:06 GMT
x-content-type-options: nosniff
age: 380828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11629
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 14:35:51 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 06:28:06 GMT

GET
H3-29 200 img-4.png
s0.2mdn.net/sadbundle/1907043113059267957/ Frame 5CB7 8 KB
8 KB 10ms
9ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1907043113059267957/img-4.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182c7599a26dd45c351eace9c9eafba449e9e52ad7e6c5ee790d18453621c962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 23:47:14 GMT
x-content-type-options: nosniff
age: 404880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8317
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 14:35:51 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 23:47:14 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 5CB7 3 KB
4 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=JTUSjIg69CK48gW7PXooxWtzwC7Cq7MTzUXM2RhLpsTr&skey=6bd981f07b300212&v=v2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bebas+Neue:400&text=Profite%20nu%EF%BB%BF!

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fee3e6f2437e00d797b8118c7528aa0741ec6bb68ba2090c04182548d3b92aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 08:22:57 GMT
x-content-type-options: nosniff
age: 28337
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3536
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:39:27 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 27 Jun 2021 08:22:57 GMT

GET
H2 200 img-1.png
s0.2mdn.net/sadbundle/1907043113059267957/ Frame 5CB7 278 KB
278 KB 34ms
15ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1907043113059267957/img-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d536bd5100377a6ab0510059b4238da9bfae51bbb8a58c14bc34611bde3a47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 01:29:45 GMT
x-content-type-options: nosniff
age: 312329
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 284679
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 14:35:51 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 01:29:45 GMT

GET
H2 200 img-2.png
s0.2mdn.net/sadbundle/1907043113059267957/ Frame 5CB7 27 KB
27 KB 26ms
11ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1907043113059267957/img-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06ba6278283e162e46704f5af3a999e583b5d0c6d937a43b1d64f494ec35fd81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 06:28:06 GMT
x-content-type-options: nosniff
age: 380828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27345
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 14:35:51 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 06:28:06 GMT

GET
H2 200 img-3.png
s0.2mdn.net/sadbundle/1907043113059267957/ Frame 5CB7 11 KB
12 KB 19ms
6ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1907043113059267957/img-3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8b4d2c45268a19db7a754791b56dc60d49ae364f1ca58b0a5e172e961fd17d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 06:28:06 GMT
x-content-type-options: nosniff
age: 380828
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11629
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 14:35:51 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 06:28:06 GMT

GET
H2 200 img-4.png
s0.2mdn.net/sadbundle/1907043113059267957/ Frame 5CB7 8 KB
8 KB 12ms
7ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1907043113059267957/img-4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182c7599a26dd45c351eace9c9eafba449e9e52ad7e6c5ee790d18453621c962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1907043113059267957/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 23:47:14 GMT
x-content-type-options: nosniff
age: 404880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8317
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 14:35:51 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 23:47:14 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
210 B 42ms
41ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021062404&jk=3048066275316788&bg=!WFulWx_NAAYo4NJEKOA7ACkAdvg8WrgulnXIblEyNBUNtF7LkGJ8iR_IivZXUc-kzDhTLWMc6ge46QIAAAH5UgAAACBoAQcKAJFErmGPXbyEKYN4ojB7IkxYDnfo5GHvfdFHuqj6d0khh7HQ41Lnp6GcU3VGFhmpwPJGytvFuiNDPXcUQGimCbueoA_gF_tdY8bH6GrOOJPoodJqnH9tzaNJop1luceseCgTa5PWkNkSo-hJQUn-G1-qvA0lzO5fzQr60q0yiyri05bi_fMdx-szzqAW7QJMIBYCmQJnl-coXgSLWx9yfQe8kKIKS9kFQ1qGKtVctnaua39rb4vHtxHUj5259idWz6lq7hi864n4hZLOvIjzVGvWkVMEx_ya-YZhq5-Zw-kfh9ZpgRghwSrAMxKeaa5ZLx0wiQEULCBRfchQ3HlKnXGi0RET7K3jMmsPR8HNBKYf6YjspVN0wbQ6gKRPw1uvy5f0xzeSlCqEY4qtHARJxZxQD4N2jMhb9gBUJ0Y_73RTrVJ3F2BxzTODUlK4g4blz7CohmzhlGslb2zSzVe3E7EJKEqZWw_Qw4UTuY9rGyNOLgwMf3ZplT73u0-DGfqfINRzdUxdBU58rcbiC2XkqapfNfhszkrOsB286OlT5BUu7r2QcGnBt3JP3wQl2Z49zJ-sZZDVbaQum8fuQSedOmTRTla6zKSZBnaD0eygXYNik9LEUjsYnReb42dmJNlLC1wncWEXrVzVd5iGw_7uJnhQaVW-P8_FvylKHL-gcK_nsVuz1SaMaEqC_458AzB36Kwt9KFWq2sipbygaU5E9fBQtUEYjXzloX43QYHa6jo6OyewFThyFDhuo9MF3KXPfquImtW-H62UeEr55RibB3mhZAWxHLbX3ze6S6c475ImwmWN2G9RnGfUGcZU3yq1pK1KZbbTkJ1uVUZYdU98skXOSHwETbQYfwZSQgww0Z7HwiBNO8Q20o-WOh5R_MobmisGnmQbd6Qc0-mQiQ0GpvJjmTwaRLsOQk-T7jzDe3Jusjq9GOPicooqqBYS62C5P6RiKg_94FP3GS6wm90Nk7I2F4A6VkuXNn2kFLyd1I8pVj5p1BITmOvK3CUe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EDC1 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkW88EKTYYJCfFIOKjuwP3seZiAMAAAAAOAHgBAI&bg=!cXKlcjbNAAYo4NJEKOA7ACkAdvg8WjatgUZ3OX7o1F0yecTwHYrO3_Qz-6mtGr--LU_2da0BVWqPcQIAAAHgUgAAACdoAQeZAsB1F-xyjn7LxwhPne7JeyICN_-ALspCocltL2bj0RGV1N_tIJf4uUDPT8_wDQBbEzqAh2_ZGz9J4wAnSgx6SGgHsK9dFNEiTzZnnmX82nhN3Q80Py6CtT29Rm3Febd6JfKoyAZvvzHojX2rxn_KT8N3-4Rx2flAoPwZG9na43cCtQM8MSG1xOy_8mhPfhRRoHiEUkmntbnDcvC6z9GLjywmjDd2g5ZELyV207Vr_TOvHijZBJJih7OJjWIAHPj6W2-KkZqeJ_CGTtfvXj6HekuwN7DZ80rj_NXy-MlEtwFm-z5Dms0Dh9JyyTNhy8red0AsgC4CnIWSEdJjWcMcGDVroi6lupOOtGabBvUDv5YvMeMlcOZuJY2Jgb0uHfZAj6UsE0fl7nyDPsLuelkYLgvnNP4IVXqZ6OH914heQVv3ldYqigxLB8B0iOmGQo4bx8TYXecH-6s3lEYPdO-jdvcHM7M_1AzrOF5mkKWR-bYzpN4p2krvb97fFXUDNHCXPhfqQAGwtFRVL6FYRo5RA8Fu3xDt3G3DgolQBC-N62ZJRgj6HRdSRO577k9rajHaZZlyT9n1o71QrHWGCDVXBP220BeMJdMJ5667ymjeGZtKSjascnmgpqxbRJ_gKzRF0lX3yBnDCmETCXtZyeQoQm7d_vyvvU79gmmy1ra3Gn2qTrkCDBTdMM-TOr-AxAogQtVBbXqBiM_B0PORxSZE0m9QZVfj1HMgRgS_tUBla7mIZa_HnmmIZneMH4WrKRdEmfY1Z3naKuhpToUiBKiEBNYRNnx4r_ei-mCcjq9u-r_o6sWhJvKhK399iGw8NL8PvnlZLtuuN2qttD3luKD-HCH60VEdc5DYNk8PQjzhTsKJXcvC60eaw2me-dOSyVK2RvER2K0-91QaFLxctsOkCJNUtgmHTLElTJerXOnlR_ZGTw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF38 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtyXyEaTYYI7lENPV3wOQyq6ABwAAAAA4AeAEAg&bg=!PzylPHjNAAYo4NJEKOA7ACkAdvg8WvniExU9gr_npXZ4cPt_PmySrKWODN2cydU-6eqPOM4dhy1YSwIAAAGwUgAAABVoAQcKAAKOA5kCu0xkUJ0eDZfnQYqKGSTOf5PgphxlSvOn8Z8etE638IoN9OQ4nIrw-I9li7FPv7sMm6LbVYOOKDecwkMubhcVxyh9rydRljceXdLOB9vRxaaR9g3vFAzMB-5NNhl67tZp2-Rbkzack8uz33D35lNxtCR3G-uMbKVoNj_j57KgstCepSDCMJqe8SIO5rRfPsjorA5YwZGNGn-dwTUlsMJxtkVdEbSU_YAbrjxKp9mNf34nx5FgNsC8fQxbuyLOrOp3-rN6M4szmoCqVEPUoNwOWfqZEcNw5opBpHHiujUaVnuaMf9y5TMuv566rbsol9NIZSV5Sxp_u5a4Ckxri-thp2Q6ZXuCq9wh3EXku6hsjXmL2mZIQG7Ew-PrkZDcMfP1SOrBJspynNAGGuIYEjdJLrsCzGe46K82RQP-PzfI7SLMjtJlAfDlsIqHHzQ7LyUG_wlDT-LZtUbQruN07_DLOGWi7il4at5sT5zZWaVg9yvSf7K0DKFQYYtanObm4xNW1wwcI0zgvCn4rfTF8UC_zD9DHlbOQPLXVNEoF2Lj0s1Pv6DC4YrEtWqGrTu9ccUovKCJQUFUus-aSr70tkpMgHqruJrL4BjbmPRbuqz35Oyk9z2kp3RKAok1ITSE5w4aAnyMCLpie-GRyJp5uBQNXUUp5JZRkhJRroy4vzmDAnMe3j2D7Enbx731o7GJ8ogy-LqSt7pXNUjvPAIz1j8dSeWye8pupXNvKlDiQ5Me-kX8izuPGbf1Ymgsyx0-osPDTjcjqCi3AXcAqEQTX9abEqzwgrs7bZw1F_gNR6o8L3nC-GXXRyruZqoX2HssANPRhNbNMhiE84t_9ggiXFEefnk2qjx_Fj1_KpwnIewIqyrwdjYZ_2tc5ksn9qw2snRppaZO51XI1f6F9TycXgKhd4MHY2_PcwUl1kFvYA

Requested by

Host: 0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
URL: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9FDB 42 B
64 B 59ms
43ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstK0svs-QgZos2JIbFys6x0diMPL3TnfpP-CEd-5vW64rEMbtpROCjh3s2b57sDB4MbioXX_koRPGuuJmGcI-ke1Z8TQkb-V9JknVQxP_5Fk1YZAmuCe5OUYDIN2A&sai=AMfl-YQybydtVBfVSyawAERK7pFOPbj5JaUFRmTzmywUAUJ4rYCu4EOxgWbfZxUrw25c2NW5rTS8J0HHsLpzpDBskcMJa3cP-9-AVpCYGPts5BlGZ5WEBG5EtvtL_R9GmTmQ&sig=Cg0ArKJSzIRaOpr3G1YSEAE&cid=CAASFeRoHoEmw4NB9mlWKkice18Hst3n2g&id=lidar2&mcvt=1002&p=60,436,150,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210623&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3778069295&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
546 B 123ms
40ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=2jqw284&fmt=json
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 04489412102f8613202098138a69d121b9b829c6be252ff1fdf54f95abb5e541

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://babesinhairland.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 27 Jul 2021 16:15:15 GMT

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame B6B4
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

1006 B
846 B

35ms
29ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: c78884ff0af71411e5255902b19d962505abe344daad6d523d6e3986d2ed2680

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624810515|mOgeginskin0vNomiygu; Version=1; Expires=Mon, 12-Jul-2021 16:15:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html
content-length: 541
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=f995383e-5e45-057b-11d7-d3a9ca12f334|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
date: Sun, 27 Jun 2021 16:15:15 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame AB9F 0
0 30ms
28ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0aefda034900004c9eb3a1c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 665ff9187d574c9e-AMS

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C82E 14 KB
5 KB 108ms
41ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=156972
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame EA00
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

1006 B
846 B

46ms
44ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: c78884ff0af71411e5255902b19d962505abe344daad6d523d6e3986d2ed2680

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624810515|mOgeginskin0vNomiygu; Version=1; Expires=Mon, 12-Jul-2021 16:15:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html
content-length: 541
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

timing-allow-origin: *
set-cookie: i=e280133a-186a-0eda-0951-c70901b86c98|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
date: Sun, 27 Jun 2021 16:15:15 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

Cookie set beacon Show response
ap.lijit.com/ Frame 13F6
Redirect Chain

https://ap.lijit.com/beacon?informer=13208641
https://ap.lijit.com/beacon?informer=13208641&dnr=1

6 KB
2 KB

267ms
241ms

Document
text/html

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 0b849949974aefb43cc40ad89ed7b38de6b50a434a7864cdc812d8481addc4c3

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://babesinhairland.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=595422e682081e8201db0d30
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxdkDsSQkEIBO%2BysQHs8vVqlnfX9zShw56CmYHX0vXU2FYdrf5YETeHbNGL98QzMXWyi0BRAcMwf3lu6ufi7s458VVqKkVPdC60LAM7mDdzH42q0RB9dvx%2F6idvznnjQZ4hz%2BDvmPfij2fj9wcgvlpn;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:15 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=595422e682081e8201db0d30;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

Redirect headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:15 GMT
Content-Length: 0
Set-Cookie: ljt_reader=595422e682081e8201db0d30;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ap.lijit.com/beacon?informer=13208641&dnr=1
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame FD70
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

1006 B
846 B

32ms
31ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: c78884ff0af71411e5255902b19d962505abe344daad6d523d6e3986d2ed2680

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624810515|mOgeginskin0vNomiygu; Version=1; Expires=Mon, 12-Jul-2021 16:15:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html
content-length: 541
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=431744b4-1a75-0f24-2149-bcc68910dd22|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
date: Sun, 27 Jun 2021 16:15:15 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200 Cookie set sync_iframe Show response
sync.bfmio.com/ Frame 4210 217 B
548 B 459ms
124ms Document
text/html 34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512330
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-51-230.compute-1.amazonaws.com
Software: /
Resource Hash: f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host: sync.bfmio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://babesinhairland.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

Access-Control-Allow-Origin: *
Content-Type: text/html
Date: Sun, 27 Jun 2021 16:15:14 GMT
Set-Cookie: __io_cid=8ca1b153845528fc551fb70f8fb712bf3a9f8f8c; Domain=.bfmio.com; Max-Age=31536000; Expires=Mon, 27-Jun-2022 12:15:15 GMT-0400; Path=/; SameSite=None; Secure
Content-Length: 217
Connection: keep-alive

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame 525D
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

1006 B
846 B

30ms
30ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: c78884ff0af71411e5255902b19d962505abe344daad6d523d6e3986d2ed2680

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624810515|mOgeginskin0vNomiygu; Version=1; Expires=Mon, 12-Jul-2021 16:15:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html
content-length: 541
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
date: Sun, 27 Jun 2021 16:15:15 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

Cookie set beacon Show response
ap.lijit.com/ Frame A132
Redirect Chain

https://ap.lijit.com/beacon?informer=13208641
https://ap.lijit.com/beacon?informer=13208641&dnr=1

6 KB
2 KB

30ms
27ms

Document
text/html

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 4f35375a39cd1a8f30f206cdc92c5eee630af8cb234a5099ffe0f89deccd5bee

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://babesinhairland.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=595422e682081e8201db0d30
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxlkDEWAyEIBe9inQJQEHK1vNx9X8w2zJaD8hn4DB1vDVtZUeqvEXE4xER%2FbB1nx62dXQQVFXT8832pz%2FOOAVW1H5XslUSmwjlhmQvsYPbDwJhXMISPxX1Tn%2Fvw7jtPzFvIX8h3%2FPfkjbvh9wIijlpn;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:15 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=595422e682081e8201db0d30;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

Redirect headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:15 GMT
Content-Length: 0
Set-Cookie: ljt_reader=527846cb254e1e6c7f12142b;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ap.lijit.com/beacon?informer=13208641&dnr=1
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

GET
H/1.1

200
OK

Cookie set beacon Show response
ap.lijit.com/ Frame 9F5B
Redirect Chain

https://ap.lijit.com/beacon?informer=13208641
https://ap.lijit.com/beacon?informer=13208641&dnr=1

6 KB
2 KB

47ms
32ms

Document
text/html

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 08b7f96c8bbdcd6facbb690508b32a36c7bf710f291156db210063b0de2181a7

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://babesinhairland.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=595422e682081e8201db0d30
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxdkEsSAjEIBe%2BStQsg4efVLO%2BuM7qhl02o9zq8lq6nhp3qaPXHirg5xEQvtol7YupkF8FEBYzA%2FPX5Ud8Xd3fOje%2BkkAHHQkfBsg7YwcyDgTGv8R7%2FG%2FrO2xg%2BlvOPG30H%2BQf5jn3nPWQavj8iXlpn;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:15 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=595422e682081e8201db0d30;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

Redirect headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:15 GMT
Content-Length: 0
Set-Cookie: ljt_reader=f73322e226fec3339194a7f5;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ap.lijit.com/beacon?informer=13208641&dnr=1
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

GET
H/1.1 200 Cookie set sync_iframe Show response
sync.bfmio.com/ Frame BF3D 217 B
548 B 452ms
124ms Document
text/html 34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512189
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-51-230.compute-1.amazonaws.com
Software: /
Resource Hash: f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host: sync.bfmio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://babesinhairland.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

Access-Control-Allow-Origin: *
Content-Type: text/html
Date: Sun, 27 Jun 2021 16:15:14 GMT
Set-Cookie: __io_cid=61097bc8be6343d476e613cb3e5151d4f7670eb4; Domain=.bfmio.com; Max-Age=31536000; Expires=Mon, 27-Jun-2022 12:15:15 GMT-0400; Path=/; SameSite=None; Secure
Content-Length: 217
Connection: keep-alive

GET
H/1.1 200 Cookie set sync_iframe Show response
sync.bfmio.com/ Frame 6399 217 B
548 B 488ms
109ms Document
text/html 34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512342
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-51-230.compute-1.amazonaws.com
Software: /
Resource Hash: f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host: sync.bfmio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://babesinhairland.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

Access-Control-Allow-Origin: *
Content-Type: text/html
Date: Sun, 27 Jun 2021 16:15:15 GMT
Set-Cookie: __io_cid=fc112072e307857ebdefcf86b97f095e1490cb43; Domain=.bfmio.com; Max-Age=31536000; Expires=Mon, 27-Jun-2022 12:15:15 GMT-0400; Path=/; SameSite=None; Secure
Content-Length: 217
Connection: keep-alive

GET
H2 504 / Show response
ssc-cms.33across.com/ps/ Frame F194 92 B
149 B 726ms
494ms Document
text/html 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: /
Resource Hash: bef140a1a96994029153dca8c00b1750b9a5a764fb9db2dc68d7bb40e8a29e8a

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

content-length: 92
cache-control: no-cache
content-type: text/html

GET
H/1.1

200
OK

Cookie set beacon Show response
ap.lijit.com/ Frame 2474
Redirect Chain

https://ap.lijit.com/beacon?informer=13208641
https://ap.lijit.com/beacon?informer=13208641&dnr=1

6 KB
2 KB

28ms
21ms

Document
text/html

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: a97d143f7e487a0fdf7a5231fb400eb21608b63ff1d5e2fe934caa94a60ccf85

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://babesinhairland.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=97237eb20655b0045777729f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxlkDkSAzEIBP%2Bi2AEggcBfc%2FnvW5Y3oTdsjpmBz9Dx1rCVFaX%2BGnYwxER%2FGNF5dtza2UVQUcHGX9CX%2Bjx9GFbVflQSmgiV8EikzAV2MPSM%2B0iUhfm4f%2Bhzn8TIY7vfPOG34Leg75h3%2FkN64u8FIlxaZw%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:15 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=97237eb20655b0045777729f;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

Redirect headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:15 GMT
Content-Length: 0
Set-Cookie: ljt_reader=97237eb20655b0045777729f;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ap.lijit.com/beacon?informer=13208641&dnr=1
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 6475 0
0 26ms
26ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0aefda035c00004c9e981df000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 665ff9189d744c9e-AMS

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E41D 14 KB
5 KB 86ms
42ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=156972
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set beacon Show response
ap.lijit.com/ Frame BA9F 6 KB
2 KB 41ms
27ms Document
text/html 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13208641
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: daabe23174766d7adb0571cda0d9cc01d5ed490a1cc2872f72f0e9fabe89499a

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://babesinhairland.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=f73322e226fec3339194a7f5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxdkDkWAkEIBe%2FSsQF0s3o1n3fXGU2osHjwF15L11NjW3W0%2BmNF3ByyRS%2FeE8%2FE1MkugokKGIL583NTPxd3d86N76SggYwFj0LKMrCD2Zn3SFSNhPDf8f%2Bpn7w5Z8cDP4OfQd%2Bx7%2FyHzMTvDyCuWmc%3D;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:15 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=f73322e226fec3339194a7f5;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1504 14 KB
5 KB 89ms
56ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=156972
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame C669 0
0 350ms
137ms Document
text/plain 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: 33XP001 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

x-33x-status: 2000208
server: 33XP001
date: Sun, 27 Jun 2021 16:15:15 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4DEE 14 KB
5 KB 74ms
42ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=156972
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 4348 1006 B
858 B 30ms
29ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: c78884ff0af71411e5255902b19d962505abe344daad6d523d6e3986d2ed2680

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624810515|mOgeginskin0vNomiygu; Version=1; Expires=Mon, 12-Jul-2021 16:15:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html
content-length: 541
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 703E 0
0 27ms
26ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0aefda037900004c9e981e0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 665ff918cda34c9e-AMS

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 7C4D 0
0 310ms
112ms Document
text/plain 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Sun, 27 Jun 2021 16:15:15 GMT

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame FDAD 0
0 27ms
26ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0aefda037e00004c9e840bb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 665ff918cdab4c9e-AMS

GET
H/1.1 200 Cookie set sync_iframe Show response
sync.bfmio.com/ Frame 37DC 217 B
548 B 444ms
110ms Document
text/html 34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512214
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-51-230.compute-1.amazonaws.com
Software: /
Resource Hash: f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host: sync.bfmio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://babesinhairland.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

Access-Control-Allow-Origin: *
Content-Type: text/html
Date: Sun, 27 Jun 2021 16:15:15 GMT
Set-Cookie: __io_cid=b3fe9006735345063e186a846cf8800a15324b70; Domain=.bfmio.com; Max-Age=31536000; Expires=Mon, 27-Jun-2022 12:15:15 GMT-0400; Path=/; SameSite=None; Secure
Content-Length: 217
Connection: keep-alive

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 4474 0
0 32ms
31ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0aefda038700004c9e529fe000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 665ff918ddc64c9e-AMS

GET
H/1.1 200 Cookie set sync_iframe Show response
sync.bfmio.com/ Frame 3C29 217 B
548 B 517ms
110ms Document
text/html 34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512531
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-51-230.compute-1.amazonaws.com
Software: /
Resource Hash: f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host: sync.bfmio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://babesinhairland.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

Access-Control-Allow-Origin: *
Content-Type: text/html
Date: Sun, 27 Jun 2021 16:15:14 GMT
Set-Cookie: __io_cid=6c7fd603339de520b42e2ad4b43b8abcb07bb884; Domain=.bfmio.com; Max-Age=31536000; Expires=Mon, 27-Jun-2022 12:15:15 GMT-0400; Path=/; SameSite=None; Secure
Content-Length: 217
Connection: keep-alive

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 62F9 14 KB
5 KB 62ms
57ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=156972
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 00F8 0
0 322ms
138ms Document
text/plain 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: monu.delivery
URL: http://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://babesinhairland.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://babesinhairland.com/

Response headers

x-33x-status: 2000208
server: 33XP002
date: Sun, 27 Jun 2021 16:15:15 GMT

GET
H/1.1

200

18.gif
id5-sync.com/qp/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=e_e75e0462-28dd-402e-ad52-51eb30c928db&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=e_e75e0462-28dd-402e-ad52-51eb30c928db&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE-aNF-HhhO1cZxR_ljZ8LROTtE8eMOjW-CLanQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOE-aNF-HhhO1cZxR_ljZ8LROTtE8eMOjW-CLanQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
https://id5-sync.com/cq/441/124/8/2.gif?puid=40b3141a-2e0c-4166-b5a8-15f957ea8ea7&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&dom...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEL5BqELupMWkrbJbQRgtKxU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEL5BqELupMWkrbJbQRgtK...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=21822931341783706&opid=apx&ops=&utidl=tech:goo:CAESEL5BqELupMWkrbJbQRgtKxU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF...
https://id5-sync.com/qp/18.gif?puid=vec%3A18289642914&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY

43 B
1 KB

34ms
33ms

Image
image/gif

51.89.21.10
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A18289642914&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://babesinhairland.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:19 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A18289642914&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
date: Sun, 27 Jun 2021 16:15:20 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4348
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5

43 B
106 B

30ms
30ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:15 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

sync
prod.perf-serving.com/ Frame 4348
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx

0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4348
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837

43 B
106 B

64ms
54ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:15 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4f68bad7-83b8-43fb-9c3e-a366f8c4b0d0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame 4348
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBX0FVN0JzVWdBQURkeVp4NjhoQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBX0FVN0JzVWdBQURkeVp4NjhoQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

36ms
35ms

Image
image/gif

34.246.39.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4348
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d

43 B
106 B

26ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:07 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 27 Jun 2021 16:15:06 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4348
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b

43 B
106 B

27ms
27ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4348
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=163499063222359301

43 B
106 B

1090ms
30ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=163499063222359301
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=163499063222359301
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 4348 70 B
264 B 44ms
41ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=4c611589-35d9-3316-6cc2-f6ccca1947b3&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4348
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjAwZWM2NDMtZmNhZS02ZGIyLTc5MjItYWM3NTAwZmI4OWQz
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjAwZWM2NDMtZmNhZS02ZGIyLTc5MjItYWM3NTAwZmI4OWQz&google_tc=

170 B
188 B

39ms
39ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjAwZWM2NDMtZmNhZS02ZGIyLTc5MjItYWM3NTAwZmI4OWQz&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjAwZWM2NDMtZmNhZS02ZGIyLTc5MjItYWM3NTAwZmI4OWQz&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4348
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMzvAp29udujgHpF3Pr92_U&google_cver=1

43 B
106 B

37ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMzvAp29udujgHpF3Pr92_U&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMzvAp29udujgHpF3Pr92_U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=f73322e226fec3339194a7f5&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14

43 B
956 B

1937ms
20ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
server: Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-22-47.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame BA9F
Redirect Chain

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent=
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6780969162044315887&ref=%2Feucm%2Fp%2Fsv
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

1145ms
243ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame BA9F 0
239 B 3747ms
28ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=QtJFZRXWEG5Z10A5FtYMbxbURWtZ2xI-R4QIdOa6

43 B
980 B

1804ms
24ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=QtJFZRXWEG5Z10A5FtYMbxbURWtZ2xI-R4QIdOa6
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=QtJFZRXWEG5Z10A5FtYMbxbURWtZ2xI-R4QIdOa6
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame BA9F
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1
https://ap.lijit.com/dsp/google/reporting?gdpr=1

43 B
567 B

26ms
23ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting?gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ap.lijit.com/dsp/google/reporting?gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://ums.acuityplatform.com/tum?umid=27&uid=f73322e226fec3339194a7f5&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=66&3pid=588459528942

43 B
2 KB

1525ms
245ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=588459528942
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://ce.lijit.com/merge?pid=66&3pid=588459528942

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame BA9F 0
0 7246ms
44ms Image
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=f73322e226fec3339194a7f5/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=f73322e226fec3339194a7f5/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=

43 B
956 B

1925ms
20ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.21.189
content-length: 0
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame BA9F
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

170 B
188 B

49ms
46ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:15 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
2 KB

1506ms
25ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame BA9F 70 B
264 B 69ms
54ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame BA9F 0
239 B 1970ms
108ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=9jf4kSeyk5Mz&ev=1&pid=558511&gdpr_consent=&gdpr=1

43 B
1 KB

2150ms
21ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=9jf4kSeyk5Mz&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ce.lijit.com/merge?pid=49&3pid=9jf4kSeyk5Mz&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-stage-0
expires: -1

GET
H/1.1 200
OK svr
match.prod.bidr.io/cookie-sync/ Frame BA9F 43 B
430 B 5547ms
37ms Image
image/gif 34.246.39.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame BA9F
Redirect Chain

https://um.simpli.fi/lj_match?r=1624810515323&gdpr=1&gdpr_consent=
https://um.simpli.fi/no_match_opted_out

0
272 B

208ms
208ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Jun 2021 16:15:17 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Sun, 27 Jun 2021 16:15:17 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 26 Jun 2021 16:15:17 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

43 B
2 KB

1687ms
23ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
server: nginx/1.12.1
location: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame BA9F 43 B
145 B 3138ms
38ms Image
image/gif 35.158.9.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.9.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=f73322e226fec3339194a7f5&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

43 B
2 KB

2231ms
23ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:09 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 27 Jun 2021 16:15:08 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame BA9F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

73ms
36ms

Image
text/html

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1

43 B
1 KB

1952ms
20ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT, Sun, 27 Jun 2021 16:15:17 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7

43 B
2 KB

2194ms
24ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7
Date: Sun, 27 Jun 2021 16:15:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778

43 B
2 KB

2167ms
25ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BA9F
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
2 KB

1529ms
251ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame BA9F 45 B
371 B 169ms
115ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=f73322e226fec3339194a7f5&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Sun, 27 Jun 2021 16:15:19 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sun, 27 Jun 2021 16:15:19 GMT

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame 3FE2
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=

43 B
958 B

1655ms
254ms

Document
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtbexp=eJxlkDkSAzEIBP%2Bi2AEggcBfc%2FnvW5Y3oTdsjpmBz9Dx1rCVFaX%2BGnYwxER%2FGNF5dtza2UVQUcHGX9CX%2Bjx9GFbVflQSmgiV8EikzAV2MPSM%2B0iUhfm4f%2Bhzn8TIY7vfPOG34Leg75h3%2FkN64u8FIlxaZw%3D%3D; ljt_reader=595422e682081e8201db0d30
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:17 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=7797158699854139906;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:17 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=595422e682081e8201db0d30;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDkSAzEIBP%2Bi2AEggcBfc%2FnvW5Y3oTdsjpmBz9Dx1rCVFaX%2BGnYwxER%2FGNF5dtza2UVQUcHGX9CX%2Bjx9GFbVflQSmgiV8EikzAV2MPSM%2B0iUhfm4f%2Bhzn8TIY7vfPOG34Leg75h3%2FkN64u8FIlxaZw%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:17 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7797158699854139906; Domain=.turn.com; Expires=Fri, 24-Dec-2021 16:15:15 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
content-length: 0
date: Sun, 27 Jun 2021 16:15:14 GMT

GET
H2 200 cm Show response
us-u.openx.net/w/1.0/ Frame 10C6 652 B
730 B 42ms
28ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 179fb97be36d3a54cd593ef0aa3743b653c12a71bd881d6e0a245c9d6fe507b6

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; pd=v2|1624810515|mOgeginskin0vNomiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624810515|mWkisHqGgqiysLiSmOgevNomgunsn0gi; Version=1; Expires=Mon, 12-Jul-2021 16:15:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html
content-length: 412
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame ACAC 14 KB
5 KB 38ms
26ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame 96E0 4 KB
2 KB 49ms
38ms Document
text/html 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 95bc243a72e77a71d1fbde4e223184c8475155fa0eb3d672239910cd9b8e5277

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43; Domain=.gumgum.com; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Path=/; Secure; SameSite=None
etag: W/"06bbc0c649dbf341b5bef5c768e1925b2"
timing-allow-origin: *
content-encoding: gzip

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 32E7 14 KB
5 KB 30ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame FD70
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5

43 B
106 B

30ms
27ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:15 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-066a1c0b271e68364@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

bidswitch
event.clientgear.com/cookie/ Frame FD70
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=03e18118-4ea6-45cf-9e46-3bde6c43c14d

0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame FD70
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837

43 B
106 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:15 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d0b3a674-87f0-44b1-9694-14dd39503b2c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame FD70
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBXzFrN0JzVWdBQURXa2NvX3RqUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBXzFrN0JzVWdBQURXa2NvX3RqUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

36ms
35ms

Image
image/gif

34.246.39.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame FD70
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d

43 B
106 B

27ms
27ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:07 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 27 Jun 2021 16:15:06 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FD70
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b

43 B
106 B

64ms
53ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame FD70
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3728927827574371485

43 B
106 B

1086ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3728927827574371485
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3728927827574371485
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame FD70 70 B
264 B 41ms
38ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=4c611589-35d9-3316-6cc2-f6ccca1947b3&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame FD70 170 B
188 B 45ms
43ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjAwZWM2NDMtZmNhZS02ZGIyLTc5MjItYWM3NTAwZmI4OWQz

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FD70
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECRo-4R4FyauiTQ78iw6xyA&google_cver=1

43 B
106 B

26ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECRo-4R4FyauiTQ78iw6xyA&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECRo-4R4FyauiTQ78iw6xyA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://ums.acuityplatform.com/tum?umid=27&uid=595422e682081e8201db0d30&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=66&3pid=588459528988

43 B
2 KB

1307ms
28ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=588459528988
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://ce.lijit.com/merge?pid=66&3pid=588459528988

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=595422e682081e8201db0d30&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

43 B
957 B

1934ms
32ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:07 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 27 Jun 2021 16:15:06 GMT

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame A132
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1
https://ap.lijit.com/dsp/google/reporting?gdpr=1

43 B
567 B

26ms
26ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting?gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ap.lijit.com/dsp/google/reporting?gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A132 0
239 B 3720ms
26ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame A132
Redirect Chain

https://um.simpli.fi/lj_match?r=1624810515327&gdpr=1&gdpr_consent=
https://um.simpli.fi/no_match_opted_out

0
272 B

27ms
24ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Jun 2021 16:15:15 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 26 Jun 2021 16:15:15 GMT

GET
H/1.1 200
OK svr
match.prod.bidr.io/cookie-sync/ Frame A132 43 B
430 B 7255ms
36ms Image
image/gif 34.246.39.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=FQTU3JRPJuGG&ev=1&pid=558511&gdpr_consent=&gdpr=1

43 B
1 KB

2128ms
253ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=FQTU3JRPJuGG&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ce.lijit.com/merge?pid=49&3pid=FQTU3JRPJuGG&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-78x9q
expires: -1

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame A132 0
239 B 1984ms
108ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

43 B
933 B

2145ms
22ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
server: nginx/1.12.1
location: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame A132
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

375ms
271ms

Image
text/html

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame A132 70 B
264 B 39ms
39ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame A132 0
0 7029ms
25ms Image
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
2 KB

1480ms
29ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=2773dc18-2dc2-452a-9264-d0f09ed8759e

43 B
1 KB

2314ms
22ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=2773dc18-2dc2-452a-9264-d0f09ed8759e
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=2773dc18-2dc2-452a-9264-d0f09ed8759e
Date: Sun, 27 Jun 2021 16:15:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1

43 B
1 KB

2203ms
251ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT, Sun, 27 Jun 2021 16:15:17 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778

43 B
2 KB

2194ms
20ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame A132
Redirect Chain

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent=
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6780969182112137680&ref=%2Feucm%2Fp%2Fsv
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

555ms
281ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame A132 45 B
371 B 957ms
64ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=595422e682081e8201db0d30&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Sun, 27 Jun 2021 16:15:19 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sun, 27 Jun 2021 16:15:19 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=595422e682081e8201db0d30&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14

43 B
2 KB

1434ms
25ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 27 Jun 2021 16:15:19 GMT
server: Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-19-136.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=

43 B
2 KB

1379ms
27ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.18.251
content-length: 0
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A132
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

170 B
188 B

33ms
33ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
2 KB

1402ms
26ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2 200 sync
x.bidswitch.net/ Frame A132 43 B
146 B 585ms
38ms Image
image/gif 35.158.9.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.9.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A132
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ

43 B
980 B

1697ms
23ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 cm Show response
us-u.openx.net/w/1.0/ Frame B194 734 B
798 B 56ms
39ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: bd3c0250cd975b10b17e636313de0c8abbf26bcca3cd51f4b9ba5289aea8ec7e

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; pd=v2|1624810515|mWkisHqGgqiysLiSmOgevNomgunsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624810515|j8gmmWkitujofcsHqGgqmuiysLiSmOgevNomgunsn0gi; Version=1; Expires=Mon, 12-Jul-2021 16:15:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html
content-length: 469
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2834 14 KB
5 KB 58ms
22ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6B17 14 KB
5 KB 58ms
23ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame 13F2 4 KB
2 KB 52ms
35ms Document
text/html 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4dd48901c5ac994d3a55585090d55ac27a2d63278e6512e422d0dd4097d04afd

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5; Domain=.gumgum.com; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Path=/; Secure; SameSite=None
etag: W/"018bf4976584c154c9170647a6c8d4e2a"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame 56EC
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=

43 B
958 B

1622ms
24ms

Document
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtbexp=eJxlkDkSAzEIBP%2Bi2AEggcBfc%2FnvW5Y3oTdsjpmBz9Dx1rCVFaX%2BGnYwxER%2FGNF5dtza2UVQUcHGX9CX%2Bjx9GFbVflQSmgiV8EikzAV2MPSM%2B0iUhfm4f%2Bhzn8TIY7vfPOG34Leg75h3%2FkN64u8FIlxaZw%3D%3D; ljt_reader=595422e682081e8201db0d30
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:17 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=7797158699854139906;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:17 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDkSAzEIBP%2Bi2AEggcBfc%2FnvW5Y3oTdsjpmBz9Dx1rCVFaX%2BGnYwxER%2FGNF5dtza2UVQUcHGX9CX%2Bjx9GFbVflQSmgiV8EikzAV2MPSM%2B0iUhfm4f%2Bhzn8TIY7vfPOG34Leg75h3%2FkN64u8FIlxaZw%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:17 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=595422e682081e8201db0d30;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7797158699854139906; Domain=.turn.com; Expires=Fri, 24-Dec-2021 16:15:15 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
content-length: 0
date: Sun, 27 Jun 2021 16:15:14 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B6B4
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5

43 B
106 B

29ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:15 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B6B4
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=03e18118-4ea6-45cf-9e46-3bde6c43c14d
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=03e18118-4ea6-45cf-9e46-3bde6c43c14d
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2773dc18-2dc2-452a-9264-d0f09ed8759e&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=03e18118-4ea6-45cf-9e46-3bde6c43c14d

43 B
106 B

27ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=03e18118-4ea6-45cf-9e46-3bde6c43c14d
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:20 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=03e18118-4ea6-45cf-9e46-3bde6c43c14d
date: Sun, 27 Jun 2021 16:15:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B6B4
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837

43 B
106 B

27ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:15 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: dee3971d-7062-4391-a9bc-746d094d8dc8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame B6B4
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBN0ZFN0JzVWdBQURrRWNvX3RqUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

64ms
36ms

Image
image/gif

34.246.39.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B6B4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d

43 B
106 B

27ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:08 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 27 Jun 2021 16:15:07 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B6B4
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b

43 B
106 B

38ms
38ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B6B4
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=233662229606982071

43 B
106 B

1087ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=233662229606982071
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=233662229606982071
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame B6B4 70 B
264 B 97ms
68ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=4c611589-35d9-3316-6cc2-f6ccca1947b3&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame B6B4 170 B
188 B 47ms
37ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjAwZWM2NDMtZmNhZS02ZGIyLTc5MjItYWM3NTAwZmI4OWQz

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B6B4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO8wPtHP5WL-O8fXLnYrCM&google_cver=1

43 B
106 B

39ms
39ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO8wPtHP5WL-O8fXLnYrCM&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO8wPtHP5WL-O8fXLnYrCM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 525D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5

43 B
106 B

1265ms
39ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:16 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

bidswitch
event.clientgear.com/cookie/ Frame 525D
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=03e18118-4ea6-45cf-9e46-3bde6c43c14d

0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 525D
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837

43 B
106 B

30ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:15 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 80efc95f-23d4-4dca-b19a-bf02dc536752
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame 525D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCTTlFN0JzVWdBQURmbmp4bEE3QQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

35ms
35ms

Image
image/gif

34.246.39.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 525D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d

43 B
243 B

1462ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:08 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 27 Jun 2021 16:15:07 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 525D
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b

43 B
106 B

39ms
38ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 525D
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5118844631533354530

43 B
106 B

1086ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5118844631533354530
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5118844631533354530
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 525D 70 B
264 B 95ms
68ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=4c611589-35d9-3316-6cc2-f6ccca1947b3&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 525D 170 B
188 B 53ms
35ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjAwZWM2NDMtZmNhZS02ZGIyLTc5MjItYWM3NTAwZmI4OWQz

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 525D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO81z9u995fYCObboErDJP8&google_cver=1

43 B
106 B

33ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO81z9u995fYCObboErDJP8&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO81z9u995fYCObboErDJP8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame EA00
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5

43 B
106 B

1232ms
30ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:16 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-09aa64c92a07a6de3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qiRtCTJu1LXxrd5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

sync
cm.smadex.com/ Frame EA00
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=03e18118-4ea6-45cf-9e46-3bde6c43c14d

0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame EA00
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837

43 B
106 B

26ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:15 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fc80cb8e-9077-49ad-ac4e-d9fb21664bf6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1179862143521709837
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame EA00
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBV3AwN0JzVWdBQURmSTZjZk9zZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

35ms
35ms

Image
image/gif

34.246.39.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame EA00
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d

43 B
106 B

1432ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:08 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=849160d8-a412-4b00-8819-83c2bca93e3d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 27 Jun 2021 16:15:07 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame EA00
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b

43 B
106 B

28ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=9MLkmKPGsZPvx-HD-sqtwvTBs5Xvl7LF8ZMNAF-b
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame EA00
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3729744099337650414

43 B
106 B

1086ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3729744099337650414
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3729744099337650414
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame EA00 70 B
264 B 84ms
51ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=4c611589-35d9-3316-6cc2-f6ccca1947b3&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame EA00 170 B
188 B 58ms
35ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjAwZWM2NDMtZmNhZS02ZGIyLTc5MjItYWM3NTAwZmI4OWQz

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame EA00
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMzvAp29udujgHpF3Pr92_U&google_cver=1

43 B
106 B

26ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMzvAp29udujgHpF3Pr92_U&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMzvAp29udujgHpF3Pr92_U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1

43 B
942 B

1850ms
24ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT, Sun, 27 Jun 2021 16:15:16 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://ums.acuityplatform.com/tum?umid=27&uid=595422e682081e8201db0d30&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=66&3pid=588459528988

43 B
2 KB

751ms
24ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=588459528988
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://ce.lijit.com/merge?pid=66&3pid=588459528988

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=595422e682081e8201db0d30&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

43 B
957 B

2373ms
25ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:08 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 27 Jun 2021 16:15:07 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=5d65403f-44b7-4c99-8f36-93f391eb8228

43 B
958 B

2224ms
247ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=5d65403f-44b7-4c99-8f36-93f391eb8228
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=5d65403f-44b7-4c99-8f36-93f391eb8228
Date: Sun, 27 Jun 2021 16:15:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1875819620917243625

43 B
1 KB

1894ms
25ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1875819620917243625
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=1875819620917243625
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 9F5B
Redirect Chain

https://um.simpli.fi/lj_match?r=1624810515319&gdpr=1&gdpr_consent=
https://um.simpli.fi/no_match_opted_out

0
272 B

28ms
25ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Jun 2021 16:15:15 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 26 Jun 2021 16:15:15 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 9F5B 43 B
145 B 80ms
36ms Image
image/gif 35.158.9.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.9.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

43 B
933 B

2121ms
23ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
server: nginx/1.12.1
location: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
2 KB

1429ms
20ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9F5B
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

170 B
188 B

32ms
32ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:15 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9F5B 0
239 B 3631ms
28ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=i7YOdonsOjld&ev=1&pid=558511&gdpr_consent=&gdpr=1

43 B
1 KB

2399ms
249ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=i7YOdonsOjld&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ce.lijit.com/merge?pid=49&3pid=i7YOdonsOjld&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-rs26g
expires: -1

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
2 KB

1444ms
20ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 9F5B 0
239 B 108ms
107ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Content-Type: image/gif

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame 9F5B 70 B
264 B 39ms
38ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 9F5B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

37ms
37ms

Image
text/html

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET getuid
secure.adnxs.com/ Frame 9F5B 0
0

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 9F5B
Redirect Chain

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent=
https://px.owneriq.net/fr/epx.gif
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

325ms
44ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ

43 B
980 B

1674ms
23ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK svr
match.prod.bidr.io/cookie-sync/ Frame 9F5B 43 B
430 B 4134ms
38ms Image
image/gif 34.246.39.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=

43 B
2 KB

1393ms
24ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.23.141
content-length: 0
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9F5B
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=595422e682081e8201db0d30&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14

43 B
2 KB

1362ms
23ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 27 Jun 2021 16:15:19 GMT
server: Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-16-114.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame 9F5B
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1
https://ap.lijit.com/dsp/google/reporting?gdpr=1

43 B
567 B

39ms
21ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting?gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ap.lijit.com/dsp/google/reporting?gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 9F5B 45 B
371 B 317ms
317ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=595422e682081e8201db0d30&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Sun, 27 Jun 2021 16:15:19 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sun, 27 Jun 2021 16:15:19 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C20B 14 KB
5 KB 61ms
39ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame 5EF8
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=

43 B
958 B

1591ms
21ms

Document
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtbexp=eJxlkDkSAzEIBP%2Bi2AEggcBfc%2FnvW5Y3oTdsjpmBz9Dx1rCVFaX%2BGnYwxER%2FGNF5dtza2UVQUcHGX9CX%2Bjx9GFbVflQSmgiV8EikzAV2MPSM%2B0iUhfm4f%2Bhzn8TIY7vfPOG34Leg75h3%2FkN64u8FIlxaZw%3D%3D; ljt_reader=595422e682081e8201db0d30
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:17 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=7797158699854139906;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:17 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=595422e682081e8201db0d30;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDkSAzEIBP%2Bi2AEggcBfc%2FnvW5Y3oTdsjpmBz9Dx1rCVFaX%2BGnYwxER%2FGNF5dtza2UVQUcHGX9CX%2Bjx9GFbVflQSmgiV8EikzAV2MPSM%2B0iUhfm4f%2Bhzn8TIY7vfPOG34Leg75h3%2FkN64u8FIlxaZw%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:17 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7797158699854139906; Domain=.turn.com; Expires=Fri, 24-Dec-2021 16:15:15 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
content-length: 0
date: Sun, 27 Jun 2021 16:15:14 GMT

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame A39C 4 KB
1 KB 59ms
40ms Document
text/html 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 95bc243a72e77a71d1fbde4e223184c8475155fa0eb3d672239910cd9b8e5277

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
etag: W/"06bbc0c649dbf341b5bef5c768e1925b2"
timing-allow-origin: *
content-encoding: gzip

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9106 14 KB
5 KB 59ms
40ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 200 cm Show response
us-u.openx.net/w/1.0/ Frame 014C 734 B
794 B 44ms
25ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: bd3c0250cd975b10b17e636313de0c8abbf26bcca3cd51f4b9ba5289aea8ec7e

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; pd=v2|1624810515|mWkisHqGgqiysLiSmOgevNomgunsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624810515|j8gmmWkitujofcsHqGgqmuiysLiSmOgevNomgunsn0gi; Version=1; Expires=Mon, 12-Jul-2021 16:15:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html
content-length: 469
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 2474
Redirect Chain

https://um.simpli.fi/lj_match?r=1624810515354&gdpr=1&gdpr_consent=
https://um.simpli.fi/no_match_opted_out

0
272 B

28ms
25ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Jun 2021 16:15:15 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 26 Jun 2021 16:15:15 GMT

GET
H/1.1 200
OK svr
match.prod.bidr.io/cookie-sync/ Frame 2474 43 B
430 B 7280ms
37ms Image
image/gif 34.246.39.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 2474 43 B
145 B 62ms
35ms Image
image/gif 35.158.9.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.9.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2474
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=QMTQTpYMfgIJ&ev=1&pid=558511&gdpr_consent=&gdpr=1

43 B
1 KB

2422ms
23ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=QMTQTpYMfgIJ&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ce.lijit.com/merge?pid=49&3pid=QMTQTpYMfgIJ&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-tdq42
expires: -1

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 2474
Redirect Chain

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent=
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6780969181870854525&ref=%2Feucm%2Fp%2Fsv
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

1131ms
25ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2474
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

170 B
188 B

33ms
33ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:15 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2474
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ

43 B
980 B

1926ms
243ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=GbUFHk6xUBUCsABFF71MRBm2UhMC4FNDHOR_JHHQ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2474
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=97237eb20655b0045777729f&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14

43 B
956 B

2390ms
244ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 27 Jun 2021 16:15:16 GMT
server: Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-21-221.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame 2474
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1
https://ap.lijit.com/dsp/google/reporting?gdpr=1

43 B
567 B

246ms
244ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting?gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ap.lijit.com/dsp/google/reporting?gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 2474 45 B
371 B 3790ms
94ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=97237eb20655b0045777729f&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Sun, 27 Jun 2021 16:15:19 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sun, 27 Jun 2021 16:15:19 GMT

GET tum
ums.acuityplatform.com/ Frame 2474 0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2474
Redirect Chain

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

43 B
933 B

2097ms
248ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
server: nginx/1.12.1
location: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2474
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
2 KB

1530ms
24ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2474
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1

43 B
942 B

1804ms
24ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT, Sun, 27 Jun 2021 16:15:16 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2474
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
2 KB

1432ms
22ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2474
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778

43 B
2 KB

2171ms
22ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2474
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=97237eb20655b0045777729f&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=48be60d8-a415-4200-a17b-8efb71569afd&gdpr=1&gdpr_consent=

43 B
2 KB

1936ms
23ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=48be60d8-a415-4200-a17b-8efb71569afd&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:10 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=48be60d8-a415-4200-a17b-8efb71569afd&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 27 Jun 2021 16:15:09 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 2474
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

35ms
35ms

Image
text/html

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET getuid
secure.adnxs.com/ Frame 2474 0
0

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 2474 0
239 B 26ms
25ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 2474 0
239 B 101ms
101ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2474
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=97237eb20655b0045777729f/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=97237eb20655b0045777729f/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=

43 B
2 KB

1384ms
20ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.5.5
content-length: 0
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2474
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7

43 B
2 KB

1419ms
25ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7
Date: Sun, 27 Jun 2021 16:15:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame 2474 70 B
264 B 39ms
38ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm Show response
us-u.openx.net/w/1.0/ Frame FE1D 734 B
794 B 38ms
26ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: bd3c0250cd975b10b17e636313de0c8abbf26bcca3cd51f4b9ba5289aea8ec7e

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; pd=v2|1624810515|mWkisHqGgqiysLiSmOgevNomgunsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624810515|j8gmmWkitujofcsHqGgqmuiysLiSmOgevNomgunsn0gi; Version=1; Expires=Mon, 12-Jul-2021 16:15:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html
content-length: 469
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7047 14 KB
5 KB 52ms
41ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame D6FE 4 KB
1 KB 49ms
39ms Document
text/html 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 95bc243a72e77a71d1fbde4e223184c8475155fa0eb3d672239910cd9b8e5277

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
etag: W/"06bbc0c649dbf341b5bef5c768e1925b2"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame D833
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=

43 B
958 B

1615ms
24ms

Document
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtbexp=eJxlkDkSAzEIBP%2Bi2AEggcBfc%2FnvW5Y3oTdsjpmBz9Dx1rCVFaX%2BGnYwxER%2FGNF5dtza2UVQUcHGX9CX%2Bjx9GFbVflQSmgiV8EikzAV2MPSM%2B0iUhfm4f%2Bhzn8TIY7vfPOG34Leg75h3%2FkN64u8FIlxaZw%3D%3D; ljt_reader=595422e682081e8201db0d30
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:17 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=7797158699854139906;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:17 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDkSAzEIBP%2Bi2AEggcBfc%2FnvW5Y3oTdsjpmBz9Dx1rCVFaX%2BGnYwxER%2FGNF5dtza2UVQUcHGX9CX%2Bjx9GFbVflQSmgiV8EikzAV2MPSM%2B0iUhfm4f%2Bhzn8TIY7vfPOG34Leg75h3%2FkN64u8FIlxaZw%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:17 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=595422e682081e8201db0d30;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7797158699854139906; Domain=.turn.com; Expires=Fri, 24-Dec-2021 16:15:15 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
content-length: 0
date: Sun, 27 Jun 2021 16:15:14 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 31E8 14 KB
5 KB 54ms
44ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET PugMaster
image6.pubmatic.com/AdServer/ Frame C82E 0
0

GET
H/1.1 200
OK pulse.php
tags.researchnow.com/trackers/ Frame 9FDB 42 B
325 B 1196ms
1196ms Image
image/gif 34.246.229.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.researchnow.com/trackers/pulse.php?bses_0=162481051352328554&pr_0=1432044599&top_0=1028&torc0_0=1028&torc2_0=1028&nm_0=0&af_0=1&pc_0=1&bindex=0&tm=7&tv=6_2_0&ref=http%3A%2F%2Fbabesinhairland.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.229.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-229-148.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:16 GMT
Server: Apache/2.4.46 ()
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
X-Powered-By: PHP/7.2.34
Upgrade: h2,h2c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 10C6 43 B
958 B 1916ms
28ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=208fcb49-df6d-091b-2b7e-406ab2a878e1&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET ox
match.justpremium.com/match/ Frame 10C6 0
0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 10C6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YNikEwACJFe9DAAC
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YNikEwACJFe9DAAC&_test=YNikEwACJFe9DAAC

43 B
106 B

33ms
31ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YNikEwACJFe9DAAC&_test=YNikEwACJFe9DAAC
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1624810516.954675,VS0,VE0
x-served-by: cache-fra19151-FRA
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YNikEwACJFe9DAAC&_test=YNikEwACJFe9DAAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET cm
green.erne.co/openx/ Frame 10C6 0
0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 10C6
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7797158699854139906&gdpr=1&gdpr_consent=&us_privacy=

43 B
106 B

25ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=7797158699854139906&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=7797158699854139906&gdpr=1&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

dds
rtb.openx.net/sync/ Frame 10C6
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=kzeftZxfijiKtrp7GQB9CQ==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
145 B

25ms
25ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: 14uvsnpteaa8s5csg86fo5bcorgadmv2

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d8a673cd-a575-a15f-5d15-e039354e8afa
pr-bh.ybp.yahoo.com/sync/openx/ Frame 10C6 43 B
564 B 137ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/d8a673cd-a575-a15f-5d15-e039354e8afa?gdpr=1

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 96E0
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837

35 B
237 B

40ms
40ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:22 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8a57b51c-9e4a-4ce9-84fd-6cf3ac751046
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 96E0 43 B
145 B 28ms
28ms Image
image/gif 35.158.9.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.9.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET

syncUser
sync.outbrain.com/ Frame 96E0
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28xWCEBWiw2aezlWVeMQJro_wPnMjuUukqrT98vIdnTlNu501_CueF6PWjELnKmjxy%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_6822a837-36e8-465d-8c57-efd22c30f6c5&obuid=ENC(xWCEBWiw2aezlWVeMQJro_wPnMjuUukqrT98vIdnTlNu501_CueF6PWjELnKmjxy)

0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 96E0
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5

35 B
237 B

42ms
42ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 96E0 43 B
168 B 452ms
109ms Image
image/gif 3.228.133.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.133.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:16 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 96E0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-FAmOhAtE2pf5RJfJzuSj1_HrVeR9ZHIDT.uv~A

35 B
237 B

41ms
41ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-FAmOhAtE2pf5RJfJzuSj1_HrVeR9ZHIDT.uv~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-FAmOhAtE2pf5RJfJzuSj1_HrVeR9ZHIDT.uv~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 96E0 0
0

GET services
sync.technoratimedia.com/ Frame 96E0 0
0

GET 142
match.deepintent.com/usersync/ Frame 96E0 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame 96E0 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 96E0
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2

35 B
237 B

171ms
53ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2
date: Sun, 27 Jun 2021 16:15:19 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame 96E0
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6291105096
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6291105096
https://sync.1rx.io/usersync/tradedesk/7e797ce8-a37f-4616-825a-e52146533677
https://sync.targeting.unrulymedia.com/csync/RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003

35 B
237 B

447ms
53ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
date: Sun, 27 Jun 2021 16:15:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX825b04cc9c0f4253a1118a5268b6bb68003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame 96E0
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=ZI7lL5I0p9lK&ev=1&pid=558355

35 B
237 B

2313ms
91ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=ZI7lL5I0p9lK&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=ZI7lL5I0p9lK&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-vcttd
expires: -1

GET
H2

200

usersync
rtb.gumgum.com/ Frame 96E0
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15
https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=

35 B
237 B

3421ms
91ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=
date: Sun, 27 Jun 2021 16:15:15 GMT
content-length: 0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 96E0 43 B
2 KB 1595ms
23ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 2776
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

35 B
237 B

44ms
43ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 27 Jun 2021 16:15:07 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3799 851f7e8 master zrh-pixel-x2
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Expires: Sun, 27 Jun 2021 16:15:06 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 2B1B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YNikEwAB9olpMgBg
https://rtb.gumgum.com/usersync?b=atm&i=YNikEwAB9olpMgBg&gdpr=1&gdpr_consent=&_test=YNikEwAB9olpMgBg

35 B
237 B

41ms
40ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YNikEwAB9olpMgBg&gdpr=1&gdpr_consent=&_test=YNikEwAB9olpMgBg
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YNikEwAB9olpMgBg&gdpr=1&gdpr_consent=&_test=YNikEwAB9olpMgBg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YNikEwAB9olpMgBg&gdpr=1&gdpr_consent=&_test=YNikEwAB9olpMgBg
accept-ranges: bytes
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 varnish
x-served-by: cache-fra19151-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1624810516.907294,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-29 200 pixel Show response
cm.g.doubleclick.net/ Frame 2ADB 170 B
188 B 39ms
34ms Document
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jYTQ4ZTBjYS02ZTg4LTQ5NmMtODA0MS0xZmJiZWNmY2RjNDM=&gdpr=1&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV9jYTQ4ZTBjYS02ZTg4LTQ5NmMtODA0MS0xZmJiZWNmY2RjNDM=&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnBCRSjnTIlK2YO95qU-Jquv0lY5amGsWr97LkNcZ5vvOXhLvi_AJtuNAQRSlU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Sun, 27 Jun 2021 16:15:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9802 14 KB
5 KB 34ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 8730 0
0 112ms
106ms Document
text/plain 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Sun, 27 Jun 2021 16:15:15 GMT

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 60F9 70 B
264 B 69ms
65ms Document
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=401e94ba-67bb-4dbf-ba51-150789679d4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 63FE 0
0 1828ms
42ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Sun, 27 Jun 2021 16:15:16 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 8380
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMCykAAAAA

35 B
237 B

109ms
49ms

Document
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMCykAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YNikF8Co5soAAKkMCykAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:19 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMCykAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: m-ad254.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40006.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":62,"gdpr":true,"ipv4":"0.0.0.0","key":"YNikF8Co5soAAKkMCykAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad254"}
X-SO-Key: YNikF8Co5soAAKkMCykAAAAA
X-SO-IP: 82.102.19.124
X-SO-Cluster-ID: 62
X-SO-Upstream-ID: m-ad254

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 8392
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1871878971171637113

35 B
237 B

2680ms
88ms

Document
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1871878971171637113
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1871878971171637113
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 27 Jun 2021 16:15:16 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmRiYWhgamhmaWQIAL2VAkwQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 22 Jul 2022 16:15:16 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwByILS3NDQ3NDM2MgZSzEZ6ibVB7oUhbvbxxU4mMpxWtoZmRiYWhgamhmaWQIAP-K-ZQ0AAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 22 Jul 2022 16:15:16 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwByILS3NDQ3NDM2MgZSzEZ6ibVB7oUhbvbxxU4mMJAKF9y9klAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1871878971171637113
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame CE5C
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1

35 B
237 B

41ms
41ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:16 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sun, 27 Jun 2021 16:15:16 GMT Sun, 27 Jun 2021 16:15:16 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame B194 43 B
958 B 1893ms
21ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=208fcb49-df6d-091b-2b7e-406ab2a878e1&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame B194 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B194
Redirect Chain

https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1&prevuid=03030001_60d8a41ad0881&knw=0
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030001_60d8a41ad0881
https://eu-u.openx.net/w/1.0/sd?cc=1&id=540394477&val=03030001_60d8a41ad0881

43 B
106 B

43ms
43ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=540394477&val=03030001_60d8a41ad0881
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:23 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=540394477&val=03030001_60d8a41ad0881
date: Sun, 27 Jun 2021 16:15:22 GMT
via: 1.1 google
server: OXGW/16.209.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B194
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=0458AB34211A46359E369788D37615FC

43 B
106 B

29ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=0458AB34211A46359E369788D37615FC
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=0458AB34211A46359E369788D37615FC
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 26 Jun 2021 16:15:15 GMT

GET
H/1.1 504
GATEWAY_TIMEOUT c.html
j.mrpdata.net/ Frame B194 0
75 B 2244ms
24ms Image
text/plain 3.124.126.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.mrpdata.net/c.html?ex=OpenX
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.126.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H2 204 current
openx2-match.dotomi.com/match/bounce/ Frame B194 0
104 B 109ms
36ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B194
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=

43 B
106 B

30ms
30ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=
date: Sun, 27 Jun 2021 16:15:18 GMT
via: 1.1 google
server: OXGW/16.209.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

usersync
rtb.gumgum.com/ Frame 13F2
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837

35 B
237 B

36ms
36ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:22 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2f0a1a70-359c-4b8e-a4fc-6e60338c217e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 13F2 43 B
145 B 54ms
42ms Image
image/gif 35.158.9.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6822a837-36e8-465d-8c57-efd22c30f6c5&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.9.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET

syncUser
sync.outbrain.com/ Frame 13F2
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28H3YyJvXq8OYoD83UBlx2roWAbb_9aD_xD4Lx-S2RfvwfkxB2D8iIhPFxoLKpS00X%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_6822a837-36e8-465d-8c57-efd22c30f6c5&obuid=ENC(H3YyJvXq8OYoD83UBlx2roWAbb_9aD_xD4Lx-S2RfvwfkxB2D8iIhPFxoLKpS00X)

0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 13F2
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5

35 B
237 B

48ms
43ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 13F2 43 B
168 B 526ms
110ms Image
image/gif 3.228.133.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.133.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:16 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 13F2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-bODU6.pE2pdSy69geTR7J36IY_Jzz.XWZTcc~A

35 B
237 B

42ms
41ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-bODU6.pE2pdSy69geTR7J36IY_Jzz.XWZTcc~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-bODU6.pE2pdSy69geTR7J36IY_Jzz.XWZTcc~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 13F2 0
0

GET services
sync.technoratimedia.com/ Frame 13F2 0
0

GET 142
match.deepintent.com/usersync/ Frame 13F2 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame 13F2 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 13F2
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2

35 B
237 B

172ms
53ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2
date: Sun, 27 Jun 2021 16:15:19 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame 13F2
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8916768008
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8916768008
https://sync.1rx.io/usersync/tradedesk/7e797ce8-a37f-4616-825a-e52146533677
https://sync.targeting.unrulymedia.com/csync/RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003

35 B
237 B

447ms
52ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
date: Sun, 27 Jun 2021 16:15:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX825b04cc9c0f4253a1118a5268b6bb68003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame 13F2
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=Rpreblq0HGqQ&ev=1&pid=558355

35 B
237 B

2310ms
89ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=Rpreblq0HGqQ&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=Rpreblq0HGqQ&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-htknh
expires: -1

GET
H2

200

usersync
rtb.gumgum.com/ Frame 13F2
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15
https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=

35 B
237 B

3210ms
89ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=
date: Sun, 27 Jun 2021 16:15:15 GMT
content-length: 0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 13F2 43 B
2 KB 1647ms
25ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 93F1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

35 B
237 B

45ms
43ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 27 Jun 2021 16:15:07 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3799 851f7e8 master zrh-pixel-x9
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Expires: Sun, 27 Jun 2021 16:15:06 GMT

GET
H2

200

URnmbSKM Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame FBE8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YNikEwACJIa_1wAC

85 B
160 B

35ms
27ms

Document
image/png

151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YNikEwACJIa_1wAC
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YNikEwACJIa_1wAC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: everest_g_v2=g_surferid~YNikEwAB9olpMgBg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 varnish
age: 483
x-served-by: cache-fra19151-FRA
x-cache: HIT
x-cache-hits: 1093
x-timer: S1624810516.907316,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85

Redirect headers

p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YNikEwACJIa_1wAC; Path=/; Domain=.everesttech.net; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000;SameSite=None;Secure
location: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YNikEwACJIa_1wAC
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 varnish
x-served-by: cache-fra19151-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1624810516.772650,VS0,VE92
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-29 200 pixel Show response
cm.g.doubleclick.net/ Frame 87F7 170 B
188 B 52ms
46ms Document
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ODIyYTgzNy0zNmU4LTQ2NWQtOGM1Ny1lZmQyMmMzMGY2YzU=&gdpr=1&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV82ODIyYTgzNy0zNmU4LTQ2NWQtOGM1Ny1lZmQyMmMzMGY2YzU=&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnBCRSjnTIlK2YO95qU-Jquv0lY5amGsWr97LkNcZ5vvOXhLvi_AJtuNAQRSlU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Sun, 27 Jun 2021 16:15:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B52C 14 KB
5 KB 48ms
43ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame D311 0
0 109ms
106ms Document
text/plain 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: 33XP001 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP001
date: Sun, 27 Jun 2021 16:15:15 GMT

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 08E9 70 B
264 B 43ms
41ms Document
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=401e94ba-67bb-4dbf-ba51-150789679d4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 7C7A 0
0 1802ms
43ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Sun, 27 Jun 2021 16:15:16 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 6B7A
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMC2MAAAAA

35 B
237 B

37ms
37ms

Document
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMC2MAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YNikF8Co5soAAKkMC2MAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:19 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMC2MAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: m-ad75.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40006.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":28,"gdpr":true,"ipv4":"0.0.0.0","key":"YNikF8Co5soAAKkMC2MAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad75"}
X-SO-Key: YNikF8Co5soAAKkMC2MAAAAA
X-SO-IP: 82.102.19.124
X-SO-Cluster-ID: 28
X-SO-Upstream-ID: m-ad75

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame E563
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1871316021157751687

35 B
237 B

2659ms
89ms

Document
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1871316021157751687
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1871316021157751687
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 27 Jun 2021 16:15:16 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmRiYWhgamhmaWIMABdTVvQQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 22 Jul 2022 16:15:16 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMjQ0NTc3NTSzMBfiM9T1MShNDfMwj0pJ8w-T4jU0MzKxMDQAylqaGAMAwvYweTQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 22 Jul 2022 16:15:16 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMjQ0NTc3NTSzMBfiM9T1MShNDfMwj0pJ8w8DAEBa11ElAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1871316021157751687
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 4F30
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1

35 B
237 B

41ms
40ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:16 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sun, 27 Jun 2021 16:15:16 GMT Sun, 27 Jun 2021 16:15:16 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 014C 43 B
958 B 1829ms
25ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=208fcb49-df6d-091b-2b7e-406ab2a878e1&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 014C 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 014C
Redirect Chain

https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1&prevuid=03030002_60d8a41ad79b5&knw=0
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030002_60d8a41ad79b5
https://eu-u.openx.net/w/1.0/sd?cc=1&id=540394477&val=03030002_60d8a41ad79b5

43 B
106 B

40ms
40ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=540394477&val=03030002_60d8a41ad79b5
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:23 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=540394477&val=03030002_60d8a41ad79b5
date: Sun, 27 Jun 2021 16:15:22 GMT
via: 1.1 google
server: OXGW/16.209.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 014C
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=79302ECBCB99410ABCA6A4DBE3F65F74

43 B
106 B

47ms
45ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=79302ECBCB99410ABCA6A4DBE3F65F74
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=79302ECBCB99410ABCA6A4DBE3F65F74
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 26 Jun 2021 16:15:15 GMT

GET
H/1.1 504
GATEWAY_TIMEOUT c.html
j.mrpdata.net/ Frame 014C 0
75 B 2179ms
24ms Image
text/plain 3.124.126.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.mrpdata.net/c.html?ex=OpenX
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.126.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H2 204 current
openx2-match.dotomi.com/match/bounce/ Frame 014C 0
103 B 33ms
22ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 014C
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=

43 B
106 B

25ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=
date: Sun, 27 Jun 2021 16:15:18 GMT
via: 1.1 google
server: OXGW/16.209.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame FE1D 43 B
958 B 2078ms
250ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=208fcb49-df6d-091b-2b7e-406ab2a878e1&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame FE1D 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame FE1D
Redirect Chain

https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1&prevuid=03030003_60d8a41adfb1f&knw=0
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030003_60d8a41adfb1f

43 B
106 B

39ms
39ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030003_60d8a41adfb1f
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:23 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 27 Jun 2021 16:15:22 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://eu-u.openx.net/w/1.0/sd?id=540394477&val=03030003_60d8a41adfb1f
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FE1D
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=146DB681919846B2BD056E4297FCC766

43 B
106 B

29ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=146DB681919846B2BD056E4297FCC766
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=146DB681919846B2BD056E4297FCC766
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 26 Jun 2021 16:15:15 GMT

GET
H/1.1 504
GATEWAY_TIMEOUT c.html
j.mrpdata.net/ Frame FE1D 0
75 B 2195ms
24ms Image
text/plain 3.124.126.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.mrpdata.net/c.html?ex=OpenX
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.126.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H2 204 current
openx2-match.dotomi.com/match/bounce/ Frame FE1D 0
103 B 25ms
21ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FE1D
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=

43 B
106 B

27ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=no-consent&gdpr=1&gdpr_consent=
date: Sun, 27 Jun 2021 16:15:18 GMT
via: 1.1 google
server: OXGW/16.209.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

usersync
rtb.gumgum.com/ Frame D6FE
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837

35 B
237 B

37ms
37ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:22 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 667fd950-c6f9-4ce4-8a12-34d4861c4dfd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame D6FE 43 B
145 B 25ms
25ms Image
image/gif 35.158.9.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.9.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame D6FE
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28YARKYxV827ygRX0zbv1L3Tk0DnrT_H1d1kUfTYMn2BmwkmN0GxpKP-sIpY3NhJn9%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...

35 B
237 B

37ms
36ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28YARKYxV827ygRX0zbv1L3Tk0DnrT_H1d1kUfTYMn2BmwkmN0GxpKP-sIpY3NhJn9%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28YARKYxV827ygRX0zbv1L3Tk0DnrT_H1d1kUfTYMn2BmwkmN0GxpKP-sIpY3NhJn9%29
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:21 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28YARKYxV827ygRX0zbv1L3Tk0DnrT_H1d1kUfTYMn2BmwkmN0GxpKP-sIpY3NhJn9%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28YARKYxV827ygRX0zbv1L3Tk0DnrT_H1d1kUfTYMn2BmwkmN0GxpKP-sIpY3NhJn9%29
Date: Sun, 27 Jun 2021 16:15:20 GMT
Connection: close
X-TraceId: f2aa6c609d5d5928987b31a3d34c64c9
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame D6FE
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5

35 B
237 B

45ms
41ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame D6FE 43 B
168 B 537ms
109ms Image
image/gif 3.228.133.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.133.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:16 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame D6FE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-nMzzlcRE2pesMyTJLWdenjhLHkqQDG_jLxt0~A

35 B
237 B

55ms
42ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-nMzzlcRE2pesMyTJLWdenjhLHkqQDG_jLxt0~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-nMzzlcRE2pesMyTJLWdenjhLHkqQDG_jLxt0~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame D6FE 0
0

GET services
sync.technoratimedia.com/ Frame D6FE 0
0

GET 142
match.deepintent.com/usersync/ Frame D6FE 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame D6FE 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame D6FE
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2

35 B
237 B

170ms
51ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2
date: Sun, 27 Jun 2021 16:15:19 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame D6FE
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=810729213
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=810729213
https://sync.1rx.io/usersync/tradedesk/7e797ce8-a37f-4616-825a-e52146533677
https://sync.targeting.unrulymedia.com/csync/RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003

35 B
237 B

445ms
50ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
date: Sun, 27 Jun 2021 16:15:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX825b04cc9c0f4253a1118a5268b6bb68003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame D6FE
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=fhCGtBbUE4gF&ev=1&pid=558355

35 B
237 B

2311ms
90ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=fhCGtBbUE4gF&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=fhCGtBbUE4gF&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-bvk2l
expires: -1

GET
H2

200

usersync
rtb.gumgum.com/ Frame D6FE
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15
https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=

35 B
237 B

3185ms
90ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=
date: Sun, 27 Jun 2021 16:15:15 GMT
content-length: 0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame D6FE 43 B
2 KB 1548ms
23ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame CBE0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

35 B
237 B

52ms
42ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 27 Jun 2021 16:15:07 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3799 851f7e8 master zrh-pixel-x25
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Expires: Sun, 27 Jun 2021 16:15:06 GMT

GET
H2 200 URnmbSKM Show response
sync-tm.everesttech.net/upi/pid/ Frame F83C 85 B
368 B 118ms
115ms Document
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: everest_g_v2=g_surferid~YNikEwACJFe9DAAC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YNikEwACJFe9DAAC;Max-Age=31536000;Domain=everesttech.net;Path=/;SameSite=None;Secure
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 varnish
x-served-by: cache-fra19151-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1624810516.827807,VS0,VE89
cache-control: no-cache
pragma: no-cache
content-length: 85

GET
H3-29 200 pixel Show response
cm.g.doubleclick.net/ Frame 8133 170 B
188 B 69ms
66ms Document
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jYTQ4ZTBjYS02ZTg4LTQ5NmMtODA0MS0xZmJiZWNmY2RjNDM=&gdpr=1&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV9jYTQ4ZTBjYS02ZTg4LTQ5NmMtODA0MS0xZmJiZWNmY2RjNDM=&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnBCRSjnTIlK2YO95qU-Jquv0lY5amGsWr97LkNcZ5vvOXhLvi_AJtuNAQRSlU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Sun, 27 Jun 2021 16:15:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C626 14 KB
5 KB 27ms
26ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 8EDE 0
0 205ms
201ms Document
text/plain 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Sun, 27 Jun 2021 16:15:15 GMT

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 4144 70 B
264 B 43ms
42ms Document
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=401e94ba-67bb-4dbf-ba51-150789679d4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame D75E 0
0 1675ms
44ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Sun, 27 Jun 2021 16:15:16 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame AD10
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMC5gAAAAA

35 B
237 B

37ms
36ms

Document
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMC5gAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YNikF8Co5soAAKkMC5gAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:19 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YNikF8Co5soAAKkMC5gAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40143.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40006.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":53,"gdpr":true,"ipv4":"0.0.0.0","key":"YNikF8Co5soAAKkMC5gAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40143"}
X-SO-Key: YNikF8Co5soAAKkMC5gAAAAA
X-SO-IP: 82.102.19.124
X-SO-Cluster-ID: 53
X-SO-Upstream-ID: a-ad40143

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame D42B
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1875819620917243488

35 B
237 B

2637ms
88ms

Document
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1875819620917243488
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1875819620917243488
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 27 Jun 2021 16:15:16 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmRiYWhgamhmaWYCADakBFgQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 22 Jul 2022 16:15:16 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMrA0NDcyMTaxsBDiM9QNDi1wzSkyMfP1qMyV4jU0MzKxMDQwNTSzNDMBAO-i2xY0AAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 22 Jul 2022 16:15:16 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMrA0NDcyMTaxsBDiM9QNDi1wzSkyMfP1qMwFAB3Olj0lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1875819620917243488
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame A9B7
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1

35 B
237 B

42ms
41ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:16 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sun, 27 Jun 2021 16:15:16 GMT Sun, 27 Jun 2021 16:15:16 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame A39C
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837

35 B
237 B

39ms
38ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:22 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 431122aa-7038-4a3f-9209-f7d48cfdcd8c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=1179862143521709837
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame A39C 43 B
145 B 35ms
26ms Image
image/gif 35.158.9.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.9.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame A39C
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28slHW2hiDdBdhFOz7-RIFIrRhNIOyRbtKtx2fWJnMAGEMuPqqIkLH5o6khbM_4j--%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...

35 B
237 B

104ms
104ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28slHW2hiDdBdhFOz7-RIFIrRhNIOyRbtKtx2fWJnMAGEMuPqqIkLH5o6khbM_4j--%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28slHW2hiDdBdhFOz7-RIFIrRhNIOyRbtKtx2fWJnMAGEMuPqqIkLH5o6khbM_4j--%29
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:21 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28slHW2hiDdBdhFOz7-RIFIrRhNIOyRbtKtx2fWJnMAGEMuPqqIkLH5o6khbM_4j--%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28slHW2hiDdBdhFOz7-RIFIrRhNIOyRbtKtx2fWJnMAGEMuPqqIkLH5o6khbM_4j--%29
Date: Sun, 27 Jun 2021 16:15:21 GMT
Connection: close
X-TraceId: b65efdeccd78701f92fe4b8f70331e6f
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame A39C
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5

35 B
237 B

44ms
42ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=bb5cb1f9-1dcc-0b40-0bb9-e621024946f5
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame A39C 43 B
168 B 627ms
109ms Image
image/gif 3.228.133.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.133.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:16 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame A39C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-nMzzlcRE2pesMyTJLWdenjhLHkqQDG_jLxt0~A

35 B
237 B

44ms
41ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-nMzzlcRE2pesMyTJLWdenjhLHkqQDG_jLxt0~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-nMzzlcRE2pesMyTJLWdenjhLHkqQDG_jLxt0~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame A39C 0
0

GET services
sync.technoratimedia.com/ Frame A39C 0
0

GET 142
match.deepintent.com/usersync/ Frame A39C 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame A39C 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame A39C
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2

35 B
237 B

164ms
54ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2
date: Sun, 27 Jun 2021 16:15:19 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame A39C
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4424149116
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4424149116
https://sync.1rx.io/usersync/tradedesk/7e797ce8-a37f-4616-825a-e52146533677
https://sync.targeting.unrulymedia.com/csync/RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003

35 B
237 B

446ms
51ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
date: Sun, 27 Jun 2021 16:15:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX825b04cc9c0f4253a1118a5268b6bb68003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame A39C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=AqLbzUPvQBRz&ev=1&pid=558355

35 B
237 B

2311ms
90ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=AqLbzUPvQBRz&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=AqLbzUPvQBRz&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-tfvt2
expires: -1

GET
H2

200

usersync
rtb.gumgum.com/ Frame A39C
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15
https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=

35 B
237 B

3159ms
92ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=
date: Sun, 27 Jun 2021 16:15:16 GMT
content-length: 0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame A39C 43 B
2 KB 1572ms
26ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 90CA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

35 B
237 B

43ms
42ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:16 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 27 Jun 2021 16:15:07 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3799 851f7e8 master zrh-pixel-x15
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Expires: Sun, 27 Jun 2021 16:15:06 GMT

GET
H2 200 URnmbSKM Show response
sync-tm.everesttech.net/upi/pid/ Frame 0830 85 B
145 B 172ms
172ms Document
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: everest_g_v2=g_surferid~YNikEwACJFe9DAAC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YNikEwACJFe9DAAC;Max-Age=31536000;Domain=everesttech.net;Path=/;SameSite=None;Secure
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Sun, 27 Jun 2021 16:15:15 GMT
via: 1.1 varnish
x-served-by: cache-fra19151-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1624810516.907336,VS0,VE92
cache-control: no-cache
pragma: no-cache
content-length: 85

GET
H3-29 200 pixel Show response
cm.g.doubleclick.net/ Frame AAC7 170 B
188 B 40ms
39ms Document
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jYTQ4ZTBjYS02ZTg4LTQ5NmMtODA0MS0xZmJiZWNmY2RjNDM=&gdpr=1&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV9jYTQ4ZTBjYS02ZTg4LTQ5NmMtODA0MS0xZmJiZWNmY2RjNDM=&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnBCRSjnTIlK2YO95qU-Jquv0lY5amGsWr97LkNcZ5vvOXhLvi_AJtuNAQRSlU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Sun, 27 Jun 2021 16:15:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9758 14 KB
5 KB 28ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame BB2E 0
0 173ms
170ms Document
text/plain 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Sun, 27 Jun 2021 16:15:15 GMT

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame AB16 70 B
264 B 40ms
39ms Document
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=401e94ba-67bb-4dbf-ba51-150789679d4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 9CF9 0
0 1646ms
44ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Sun, 27 Jun 2021 16:15:16 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 36F6
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YNikGMCo5soAAKkMC9wAAAAA

35 B
237 B

37ms
36ms

Document
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YNikGMCo5soAAKkMC9wAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YNikGMCo5soAAKkMC9wAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:20 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YNikGMCo5soAAKkMC9wAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40332.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40006.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":16,"gdpr":true,"ipv4":"0.0.0.0","key":"YNikGMCo5soAAKkMC9wAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40332"}
X-SO-Key: YNikGMCo5soAAKkMC9wAAAAA
X-SO-IP: 82.102.19.124
X-SO-Cluster-ID: 16
X-SO-Upstream-ID: a-ad40332

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame E866
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1871316021157751788

35 B
237 B

2360ms
54ms

Document
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1871316021157751788
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1871316021157751788
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 27 Jun 2021 16:15:17 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmRiYWhgamhuZGAOAI7aviMQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 22 Jul 2022 16:15:17 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMjQ0NTc3NTS3sBDiM9SNiPTyy9P1cHVzTQuU4jU0MzKxMDQAyhoZmAMAeAOZzDQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 22 Jul 2022 16:15:17 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMjQ0NTc3NTS3sBDiM9SNiPTyy9P1cHVzTQsEALFTHIAlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1871316021157751788
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 07A2
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1

35 B
237 B

40ms
40ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:16 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sun, 27 Jun 2021 16:15:16 GMT Sun, 27 Jun 2021 16:15:16 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 13F6 0
239 B 1644ms
103ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 13F6
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
2 KB

1450ms
21ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 13F6 0
0 6845ms
21ms Image
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 13F6
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=595422e682081e8201db0d30&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14

43 B
956 B

2613ms
246ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 27 Jun 2021 16:15:16 GMT
server: Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:28753d24e082ffceb614ddb265acfb14
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-21-221.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 13F6
Redirect Chain

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

43 B
933 B

2401ms
23ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
server: nginx/1.12.1
location: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET tum
ums.acuityplatform.com/ Frame 13F6 0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 13F6
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
2 KB

1465ms
21ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:18 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 13F6
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=qtjlo6BnWLpq&ev=1&pid=558511&gdpr_consent=&gdpr=1

43 B
1 KB

1876ms
20ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=qtjlo6BnWLpq&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ce.lijit.com/merge?pid=49&3pid=qtjlo6BnWLpq&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-hd52b
expires: -1

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 13F6
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1

43 B
942 B

1826ms
22ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=4uDYLn6kWCXxxm7v2zxe&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT, Sun, 27 Jun 2021 16:15:16 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 13F6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=595422e682081e8201db0d30&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=

43 B
957 B

2615ms
23ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:08 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=849160d8-a412-4b00-8819-83c2bca93e3d&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 27 Jun 2021 16:15:07 GMT

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 13F6
Redirect Chain

https://um.simpli.fi/lj_match?r=1624810515568&gdpr=1&gdpr_consent=
https://um.simpli.fi/no_match_opted_out

0
272 B

24ms
23ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Jun 2021 16:15:16 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Sun, 27 Jun 2021 16:15:15 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 26 Jun 2021 16:15:15 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 13F6 0
239 B 3216ms
26ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame 13F6 45 B
371 B 3316ms
128ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=595422e682081e8201db0d30&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Sun, 27 Jun 2021 16:15:19 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sun, 27 Jun 2021 16:15:19 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 13F6
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778
https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778&dnr=1

0
2 KB

1451ms
24ms

Image
text/plain

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778&dnr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=10&3pid=1871597496198972778&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 13F6
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

170 B
188 B

33ms
32ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 p-CXt61zNBpKUt1.gif
pixel.quantserve.com/pixel/ Frame 13F6 35 B
210 B 14ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 13F6
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

37ms
36ms

Image
text/html

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK svr
match.prod.bidr.io/cookie-sync/ Frame 13F6 43 B
430 B 3826ms
39ms Image
image/gif 34.246.39.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:22 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 13F6
Redirect Chain

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent=
https://px.owneriq.net/fr/epx.gif
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

251ms
250ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 13F6
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=595422e682081e8201db0d30/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=

43 B
2 KB

1360ms
21ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=e3e558fef8f80c45d31051cb2e61b102&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.25.242
content-length: 0
expires: 0

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame 13F6
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NTk1NDIyZTY4MjA4MWU4MjAxZGIwZDMw&gdpr=1
https://ap.lijit.com/dsp/google/reporting?gdpr=1

43 B
567 B

32ms
20ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting?gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:20 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ap.lijit.com/dsp/google/reporting?gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame 13F6 70 B
264 B 38ms
37ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame 13F6 43 B
145 B 32ms
27ms Image
image/gif 35.158.9.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.9.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 13F6
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7

43 B
2 KB

1283ms
22ms

Image
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=ab8811c2-1404-42b1-8d9d-acc3b1bc00c7
Date: Sun, 27 Jun 2021 16:15:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 cm Show response
us-u.openx.net/w/1.0/ Frame B833 820 B
794 B 31ms
28ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.209.0 /
Resource Hash: 7c550d9f72981285b0e952f600632a0a7e84652f59a2fe5c3ceaf436ed1948c5

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; pd=v2|1624810515|j8gmmWkitujofcsHqGgqmuiysLiSmOgevNomgunsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9fcd2ad0-9c5e-0ce1-3614-3e24ae3e744e|1624810515; Version=1; Expires=Mon, 27-Jun-2022 16:15:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624810515|fogSj8gmmWkitujofcsHqGgqvtmuiyvQsLiSmOgevNomgusfnsn0rFgi; Version=1; Expires=Mon, 12-Jul-2021 16:15:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 27 Jun 2021 16:15:15 GMT
content-type: text/html
content-length: 456
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 399D 14 KB
5 KB 30ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6EC2 14 KB
5 KB 54ms
54ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=33662
expires: Mon, 28 Jun 2021 01:36:17 GMT
date: Sun, 27 Jun 2021 16:15:15 GMT
vary: Accept-Encoding

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame 74FB 3 KB
1 KB 56ms
42ms Document
text/html 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 513342e963bb0813a28f9c6adeda4745f4fba680bc8947b60fa4ee52e15c4833

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

date: Sun, 27 Jun 2021 16:15:16 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
etag: W/"06ab706bf4be03339faefbc9351708b75"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame 9CA2
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=

43 B
940 B

1153ms
20ms

Document
image/gif

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=595422e682081e8201db0d30; ljtrtbexp=eJxdkDsSQkEIBO%2BysQHs8vVqlnfX9zShw56CmYHX0vXU2FYdrf5YETeHbNGL98QzMXWyi0BRAcMwf3lu6ufi7s458VVqKkVPdC60LAM7mDdzH42q0RB9dvx%2F6idvznnjQZ4hz%2BDvmPfij2fj9wcgvlpn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:17 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=7797158699854139906;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:17 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxdkDsSQkEIBO%2BysQHs8vVqlnfX9zShw56CmYHX0vXU2FYdrf5YETeHbNGL98QzMXWyi0BRAcMwf3lu6ufi7s458VVqKkVPdC60LAM7mDdzH42q0RB9dvx%2F6idvznnjQZ4hz%2BDvmPfij2fj9wcgvlpn;Path=/;Domain=.lijit.com;Expires=Mon, 27-Jun-2022 16:15:17 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=595422e682081e8201db0d30;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7797158699854139906; Domain=.turn.com; Expires=Fri, 24-Dec-2021 16:15:16 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=7797158699854139906&gdpr=1&gdpr_consent=
content-length: 0
date: Sun, 27 Jun 2021 16:15:15 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 4210
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d

0
589 B

111ms
110ms

Image
text/plain

34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512330
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-51-230.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.bfmio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 27 Jun 2021 16:15:16 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H/1.1

204

sync
sync.bfmio.com/ Frame BF3D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d

0
589 B

111ms
109ms

Image
text/plain

34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512189
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-51-230.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.bfmio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 27 Jun 2021 16:15:15 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 6399
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d

0
589 B

220ms
108ms

Image
text/plain

34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512342
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-51-230.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.bfmio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 27 Jun 2021 16:15:15 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 37DC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d

0
589 B

222ms
110ms

Image
text/plain

34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512214
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-51-230.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.bfmio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 27 Jun 2021 16:15:15 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 3C29
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d

0
421 B

193ms
107ms

Image
text/plain

34.205.51.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1624810512531
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.51.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-51-230.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.bfmio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 27 Jun 2021 16:15:15 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=401e94ba-67bb-4dbf-ba51-150789679d4d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame B833 43 B
958 B 2404ms
22ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=208fcb49-df6d-091b-2b7e-406ab2a878e1&gdpr=1&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET

m
ad.yieldlab.net/ Frame B833
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=869ee2c3-6544-0a13-1c55-d7ca35774687

0
0

GET sync
pixel.advertising.com/ups/55981/ Frame B833 0
0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame B833 43 B
958 B 2426ms
22ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=208fcb49-df6d-091b-2b7e-406ab2a878e1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:18 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame B833
Redirect Chain

https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid=
https://sync.teads.tv/um?eid=64&uid=f91b4fb4-d354-084c-1db0-c9b0c35c8785

23 B
172 B

1120ms
54ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=64&uid=f91b4fb4-d354-084c-1db0-c9b0c35c8785
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:17 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 27 Jun 2021 16:15:17 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

date: Sun, 27 Jun 2021 16:15:16 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.teads.tv/um?eid=64&uid=f91b4fb4-d354-084c-1db0-c9b0c35c8785
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 204 openx
tr.blismedia.com/v1/api/sync/ Frame B833 0
135 B 1321ms
43ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/openx
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:17 GMT
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame B833
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=14b769f4-2973-88ec-accc-745ba22a8c53
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=14b769f4-2973-88ec-accc-745ba22a8c53&dcc=t

43 B
433 B

284ms
36ms

Image
image/gif

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=14b769f4-2973-88ec-accc-745ba22a8c53&dcc=t
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:17 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=14b769f4-2973-88ec-accc-745ba22a8c53&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET getuid
secure.adnxs.com/ Frame 74FB 0
0

GET
H2 200 sync
x.bidswitch.net/ Frame 74FB 43 B
145 B 4139ms
38ms Image
image/gif 35.158.9.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6822a837-36e8-465d-8c57-efd22c30f6c5&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.9.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 16:15:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET redirectObuid
sync.outbrain.com/ Frame 74FB 0
0

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 74FB 43 B
168 B 346ms
108ms Image
image/gif 3.228.133.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.133.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:16 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 74FB 0
0

GET services
sync.technoratimedia.com/ Frame 74FB 0
0

GET 142
match.deepintent.com/usersync/ Frame 74FB 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame 74FB 0
0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 74FB
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2

35 B
237 B

171ms
52ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=f502a74b-80ed-470a-b97e-75d9008256c2
date: Sun, 27 Jun 2021 16:15:19 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame 74FB
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4516161979
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4516161979
https://sync.1rx.io/usersync/tradedesk/151fa5dd-6740-4acd-938a-1d3baf788e8c
https://sync.targeting.unrulymedia.com/csync/RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003

35 B
237 B

448ms
53ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-825b04cc-9c0f-4253-a111-8a5268b6bb68-003
date: Sun, 27 Jun 2021 16:15:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX825b04cc9c0f4253a1118a5268b6bb68003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame 74FB
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=H4fsR0PnWvmU&ev=1&pid=558355

35 B
237 B

2313ms
91ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=H4fsR0PnWvmU&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=H4fsR0PnWvmU&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-n2wtq
expires: -1

GET
H2

200

usersync
rtb.gumgum.com/ Frame 74FB
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15
https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=

35 B
237 B

3046ms
92ms

Image
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=sad&i=6201520359979757402&gdpr=1&gdpr_consent=
date: Sun, 27 Jun 2021 16:15:15 GMT
content-length: 0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 74FB 43 B
2 KB 1621ms
24ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Jun 2021 16:15:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H3-29 200 pixel Show response
cm.g.doubleclick.net/ Frame 075D 170 B
188 B 42ms
32ms Document
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ODIyYTgzNy0zNmU4LTQ2NWQtOGM1Ny1lZmQyMmMzMGY2YzU=&gdpr=1&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV82ODIyYTgzNy0zNmU4LTQ2NWQtOGM1Ny1lZmQyMmMzMGY2YzU=&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnBCRSjnTIlK2YO95qU-Jquv0lY5amGsWr97LkNcZ5vvOXhLvi_AJtuNAQRSlU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Sun, 27 Jun 2021 16:15:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 61C0 0
0

GET /
ssc-cms.33across.com/ps/ Frame 948C 0
0

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 1A39 70 B
264 B 57ms
54ms Document
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=401e94ba-67bb-4dbf-ba51-150789679d4d; TDCPM=CAEYASABKAIyCwjwn5uzr-TcORAFOAFaB3J3dXE5bnlgAg..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:16 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame E194 0
0 1269ms
43ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Sun, 27 Jun 2021 16:15:16 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame DBB3
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YNikGMCo5soAAKkMDCoAAAAA

35 B
237 B

36ms
36ms

Document
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YNikGMCo5soAAKkMDCoAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YNikGMCo5soAAKkMDCoAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:20 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Sun, 27 Jun 2021 16:15:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YNikGMCo5soAAKkMDCoAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: m-ad178.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40006.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":18,"gdpr":true,"ipv4":"0.0.0.0","key":"YNikGMCo5soAAKkMDCoAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad178"}
X-SO-Key: YNikGMCo5soAAKkMDCoAAAAA
X-SO-IP: 82.102.19.124
X-SO-Cluster-ID: 18
X-SO-Upstream-ID: m-ad178

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 6312
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1871597496198972629

35 B
237 B

2374ms
88ms

Document
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1871597496198972629
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1871597496198972629
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_6822a837-36e8-465d-8c57-efd22c30f6c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sun, 27 Jun 2021 16:15:17 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmRiYWhgamhuZGQBAJ2lN4EQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 22 Jul 2022 16:15:17 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDO0tLA0NzIzshTiM9QNjPfINUgz8csuq_SX4jU0MzKxMDQwNTQ3MrIAAK0pd6s0AAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 22 Jul 2022 16:15:17 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDO0tLA0NzIzshTiM9QNjPfINUgz8csuq_QHACHoD9klAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1871597496198972629
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 1475
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum

35 B
238 B

1704ms
48ms

Document
image/gif

52.50.187.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sun, 27 Jun 2021 16:15:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sun, 27 Jun 2021 16:15:17 GMT Sun, 27 Jun 2021 16:15:17 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=4uDYLn6kWCXxxm7v2zxe&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK pulse.php
tags.researchnow.com/trackers/ Frame 9FDB 42 B
325 B 63ms
62ms Image
image/gif 34.246.229.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.researchnow.com/trackers/pulse.php?bses_0=162481051352328554&pr_0=1432044599&top_0=5000&torc0_0=5000&torc2_0=5000&nm_0=0&af_0=1&pc_0=2&bindex=0&tm=7&tv=6_2_0&ref=http%3A%2F%2Fbabesinhairland.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.229.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-229-148.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:19 GMT
Server: Apache/2.4.46 ()
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
X-Powered-By: PHP/7.2.34
Upgrade: h2,h2c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

GET
H/1.1 200
OK pulse.php
tags.researchnow.com/trackers/ Frame 9FDB 42 B
325 B 468ms
468ms Image
image/gif 34.246.229.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.researchnow.com/trackers/pulse.php?bses_0=162481051352328554&pr_0=1432044599&top_0=6100&torc0_0=6100&torc2_0=6100&nm_0=0&af_0=1&pc_0=3&bindex=0&tm=7&tv=6_2_0&ref=http%3A%2F%2Fbabesinhairland.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.229.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-229-148.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 16:15:21 GMT
Server: Apache/2.4.46 ()
P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
X-Powered-By: PHP/7.2.34
Upgrade: h2,h2c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: babesinhairland.com
URL: https://babesinhairland.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

Domain: ir-na.amazon-adsystem.com
URL: http://ir-na.amazon-adsystem.com/e/ir?t=babeinhair-20&l=am2&o=1&a=076115678X

Domain: ir-na.amazon-adsystem.com
URL: http://ir-na.amazon-adsystem.com/e/ir?t=babeinhair-20&l=am2&o=1&a=B008D5I61Y

Domain: ir-na.amazon-adsystem.com
URL: http://ir-na.amazon-adsystem.com/e/ir?t=babeinhair-20&l=am2&o=1&a=B00OFUU3KI

Domain: ir-na.amazon-adsystem.com
URL: http://ir-na.amazon-adsystem.com/e/ir?t=babeinhair-20&l=am2&o=1&a=B003E0VMWI

Domain: babesinhairland.com
URL: https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/ssbp.woff?xj3ol1

Domain: babesinhairland.com
URL: https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/fonts/ssbp.ttf?xj3ol1

Domain: s.w.org
URL: https://s.w.org/images/core/emoji/13.0.1/svg/1f384.svg

Domain: s.w.org
URL: https://s.w.org/images/core/emoji/13.0.1/svg/1f332.svg

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&u=http%3A%2F%2Fbabesinhairland.com%2Fcurls%2Fhow-to-care-for-your-daughters-curly-hair%2F

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762

Domain: api.rlcdn.com
URL: http://api.rlcdn.com/api/identity?pid=2&rt=envelope

Domain: babesinhairland.com
URL: https://babesinhairland.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

Domain: prod.perf-serving.com
URL: https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx

Domain: event.clientgear.com
URL: https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=03e18118-4ea6-45cf-9e46-3bde6c43c14d

Domain: event.clientgear.com
URL: https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=03e18118-4ea6-45cf-9e46-3bde6c43c14d

Domain: cm.smadex.com
URL: https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=03e18118-4ea6-45cf-9e46-3bde6c43c14d

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=

Domain: ums.acuityplatform.com
URL: https://ums.acuityplatform.com/tum?umid=27&uid=97237eb20655b0045777729f&gdpr=1&gdpr_consent=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54430581&p=156972&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Domain: match.justpremium.com
URL: https://match.justpremium.com/match/ox?ex_uid=06e0db79-6268-097c-3edc-70facb6c0489

Domain: green.erne.co
URL: https://green.erne.co/openx/cm

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_6822a837-36e8-465d-8c57-efd22c30f6c5&obuid=ENC(xWCEBWiw2aezlWVeMQJro_wPnMjuUukqrT98vIdnTlNu501_CueF6PWjELnKmjxy)

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43&gdpr=1&gdpr_consent=&us_privacy=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_6822a837-36e8-465d-8c57-efd22c30f6c5&obuid=ENC(H3YyJvXq8OYoD83UBlx2roWAbb_9aD_xD4Lx-S2RfvwfkxB2D8iIhPFxoLKpS00X)

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6822a837-36e8-465d-8c57-efd22c30f6c5&gdpr=1&gdpr_consent=&us_privacy=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43&gdpr=1&gdpr_consent=&us_privacy=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ca48e0ca-6e88-496c-8041-1fbbecfcdc43&gdpr=1&gdpr_consent=&us_privacy=

Domain: ums.acuityplatform.com
URL: https://ums.acuityplatform.com/tum?umid=27&uid=595422e682081e8201db0d30&gdpr=1&gdpr_consent=

Domain: ad.yieldlab.net
URL: https://ad.yieldlab.net/m?dt_id=2448064&ext_id=869ee2c3-6544-0a13-1c55-d7ca35774687

Domain: pixel.advertising.com
URL: https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=1&uid=62a59600-edb3-095f-3fe5-37c65dbab3da

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6822a837-36e8-465d-8c57-efd22c30f6c5&gdpr=1&gdpr_consent=&us_privacy=

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://babesinhairland.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: http://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2(Line 2) Message: YT API init check
console-api	log	URL: http://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2(Line 2) Message: YT API init check
console-api	log	URL: http://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2(Line 2) Message: YT API init check
console-api	log	URL: https://s0.2mdn.net/sadbundle/1907043113059267957/bn_1.0.0.min.js(Line 1) Message: Assets loading completed
console-api	log	URL: http://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2(Line 2) Message: YT API init check

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0772257f4364b1286f1d46250d9228a1.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ad.yieldlab.net
ads.pubmatic.com
ads.yieldmo.com
adservice.google.be
adservice.google.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
as-sec.casalemedia.com
assets.pinterest.com
ats.rlcdn.com
b1sync.zemanta.com
babesinhairland.com
bcp.crwdcntrl.net
bh.contextweb.com
bloggernetwork-d.openx.net
btlr.sharethrough.com
c.amazon-adsystem.com
c.sharethis.mgr.consensu.org
c1.adform.net
c2shb.ssp.yahoo.com
cdn.cookielaw.org
cdn.districtm.io
ce.lijit.com
cm.g.doubleclick.net
cm.smadex.com
cmp-cdn.cookielaw.org
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
contextual.media.net
cookie-matching.mediarithmics.com
creativecdn.com
cs.emxdgt.com
d.turn.com
data.adsrvr.org
display.bfmio.com
dmx.districtm.io
dpm.demdex.net
dsum-sec.casalemedia.com
eu-u.openx.net
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
geolocation.onetrust.com
global.ib-ibi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gu.dyntrk.com
hbopenbid.pubmatic.com
i.pinimg.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image6.pubmatic.com
imps.monu.delivery
ipwatch.monu.delivery
ir-na.amazon-adsystem.com
j.mrpdata.net
jadserve.postrelease.com
js-sec.indexww.com
js.gumgum.com
l.sharethis.com
log.pinterest.com
match.adsrvr.org
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
maxcdn.bootstrapcdn.com
monu.delivery
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod.perf-serving.com
protected-by.clarium.io
px.owneriq.net
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.w.org
s0.2mdn.net
scontent-dfw5-1.cdninstagram.com
scontent-dfw5-2.cdninstagram.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tags.bluekai.com
tags.crwdcntrl.net
tags.researchnow.com
tg.socdm.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ums.acuityplatform.com
us-u.openx.net
w.sharethis.com
widgets.pinterest.com
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
ad.yieldlab.net
ads.pubmatic.com
api.rlcdn.com
b1sync.zemanta.com
babesinhairland.com
c.amazon-adsystem.com
cm.smadex.com
event.clientgear.com
green.erne.co
image6.pubmatic.com
ir-na.amazon-adsystem.com
match.adsrvr.org
match.deepintent.com
match.justpremium.com
pixel.advertising.com
prod.perf-serving.com
s.w.org
secure.adnxs.com
ssc-cms.33across.com
sync.ipredictive.com
sync.outbrain.com
sync.technoratimedia.com
ums.acuityplatform.com
104.111.242.245
104.111.242.53
104.16.68.69
142.250.185.98
142.250.74.194
151.101.13.194
151.101.132.84
151.101.14.49
154.59.122.79
159.253.128.188
178.162.133.150
18.156.195.47
18.158.188.139
18.159.8.206
18.195.155.181
18.211.29.63
185.184.8.65
185.29.133.208
185.33.221.14
185.64.189.112
185.86.137.107
192.124.249.6
193.0.160.128
198.148.27.139
199.232.80.84
2.18.233.180
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
202.241.208.56
213.19.147.44
213.19.147.45
216.58.212.162
23.45.99.241
2600:1901:0:333a::
2600:9000:2104:5200:c:a9b7:ddc0:93a1
2600:9000:2104:8c00:3:c04e:c780:93a1
2606:4700:10::6814:b944
2606:4700::6810:9540
2606:4700::6812:acf
2606:4700::6812:fb0
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2006
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a01:7e00:1::b24f:afb0
2a02:26f0:6c00:2a7::1931
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f234:1c5:face:b00c:0:43fe
2a03:2880:f234:c5:face:b00c:0:43fe
3.122.38.187
3.123.167.229
3.124.126.155
3.125.99.7
3.228.133.61
34.205.51.230
34.246.229.148
34.246.39.97
34.96.105.8
34.98.64.218
35.158.9.168
35.186.236.140
35.227.252.103
35.244.159.8
37.157.2.235
37.252.172.249
51.178.20.140
51.75.15.106
51.89.21.10
52.17.188.230
52.203.172.63
52.208.103.128
52.208.210.171
52.29.0.64
52.50.187.150
52.58.236.252
52.6.250.79
52.72.175.147
52.95.124.165
54.170.210.188
65.9.77.116
65.9.77.126
65.9.77.9
65.9.77.92
65.9.86.127
66.155.71.150
67.202.110.22
69.169.86.38
69.173.144.139
70.42.32.63
72.251.249.14
76.223.111.131
8.43.72.98
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
019566f1f657fc60662596023865d8e7f4bd7cc7360dc561783ff7b548267397
01bc53d4891be400d81d52d44a82d21ae53beb7ed6c50c2df137d8a06aeb9bb8
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04489412102f8613202098138a69d121b9b829c6be252ff1fdf54f95abb5e541
0469df31d92093bd8e779bb3f5925ff458c6e1ba022b5fdcc10b37eb70be67bd
046c9c9dd226e31d63fcd322f7caf9f9de63b898c4f29c6df36dd24c9f9fe35c
054f5df8abdc34b2db30d11e8ea01eb6fd8ab0e350082494581a21a820053ff8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ba6278283e162e46704f5af3a999e583b5d0c6d937a43b1d64f494ec35fd81
06d5a416d6b7be6b75d935d8a06f05d628032d4ab45547c65cdc5f82e847d302
08b7f96c8bbdcd6facbb690508b32a36c7bf710f291156db210063b0de2181a7
0b849949974aefb43cc40ad89ed7b38de6b50a434a7864cdc812d8481addc4c3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bebdbec3b2a68a5d7f63ab9e69f3870b12f662d0c01e1835038e77c6e98f56b
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d536bd5100377a6ab0510059b4238da9bfae51bbb8a58c14bc34611bde3a47d
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873
0f7fabf9f87c312ec0836ed9bf44e7d97de0594fee5cfc3c46567871670b99ba
1027fa0863da4fa34d3281ceb5bef5f6e6827a0ed4923b75a6fb648b5ef4daa0
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
11e6d135d2832f483dafa7529525846faefb511d2dd73100e1ac3fd103db3f78
126b7022b7fb59498c46fdd588a819927b0208e6618436e367a9030f0b90da0c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129226b7f1f0a431034a959856825b66fb2cd310f83557de4b7fb17e53873423
12ad2021b07668fb3e60575a72c7bc306fc76b186bfed84d2716e500fac02bab
136a2ab137338e37851efa49d09d883f939a483cd6f609b76b4c416abcf54c29
149cdeb40c5b271cc07c7998d19c5e6782d3c22b5cdac59ef9351cd16f7998ec
1581a98c7cf9bf2b0299819f56357fbfa08a13626f000f204aea0e14cbca5b41
15b2d7962966deebbe498dc388596b7134f252d0ea4ead6418d626b92d9b14e9
179e097e74eb709f774a541e8d199490ef290f650264b14ecddf6b1a090da2be
179fb97be36d3a54cd593ef0aa3743b653c12a71bd881d6e0a245c9d6fe507b6
182c7599a26dd45c351eace9c9eafba449e9e52ad7e6c5ee790d18453621c962
1922280958d3110eeb115e6c304136e43201f1dd1742e6551d64ce8baa876eb6
19bcc24c9bbfc76a64d4578491ebf057cba9fff8d6fa566e027832a5ee91b913
1a92bb208274251f43fc39719410f29d4639a29d416b9d27c8083306f05f8e7a
1ab745d6abd71e9cd8a1dd236d58f95025a0b89055281d10ce238fc0df2028fc
1b810b507cefa9ebf6eec323ec72e7d4e27800b6d46bab0c4df0d42a1b6cf938
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c5e12ed8627ce3f4433ac7400d337e3504863363544e47fc6915a90c342bf99
1cd2d4a8fdd3cd7854869ed88200088dbade95d2b3aaeeb5d5d1391232dfd86e
1ce633f8f5f2d79bdbffe23d710faeacf04ff4e705301d2f0b54eda82ff36977
1e41d1eee8001790dfb75cabf50b494fb012a6e52718a75f3ce2eb9e9d728bda
1e6deff6571292275cec05a7ac91e6319d920bf2748cb43d609972972b065c9c
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2045a500bce2344d5fe28c20cf6ec7221f83cdc1c547c5c00a27e822cbe0564b
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
21953c34315412b082146f20bae424143a76cbdb220337b4517cb71287fbc863
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
232b938c178e8f4d5848c2af4b06cce03e8f3a73988b07c323bfaa66dfbd8744
243340307167f5bd8847e2fea6324a9fcf6f201c2f3867bfd18fc9919b5ab216
24987fd71ec2937658136c43fd91d083e36c1896d5d2e72418ef303554ad649e
2598fd0548d38d4414901e577ef33247f82a30acdb68a74236496143f7077192
260212e0acb13706f031e2f619aca9771b9904765989b8e48f3455aeefb9691f
260693715098c36fd5cf96688990d7fe5aab28a6160d4ba39100f4636b5bad0f
2717481d28d98b22e3277c45a2a0529b5044aef42d8f262ca7e11e73240c563d
27596146639e0bf6bdeaaad22d97cf566b1d77a331ef862f6ded3e3ca27fd299
27a9d34abb053178da74db9c72fabb1b3ec08fea99e924676e0b5483e5dd2c21
27ace02c9feb618341f3af57cde6c101efc0c7274adaaec3f87d17f6d062252e
2962a2f39903ffe4057dca6ccbcfbeed45b9955c37a184255ee2be1eb53f75af
2b94bd7db3d6e8b7991347e7c86bf2bb6c09f0fc6acb38d6a27450e0bed2299f
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d6bd710b8a8747bbb6a1a20d4a7a15762b4bb639c75901c719d17e827f6f02b
2e91afe0acc19cf30de860e2b21400bac60d148e2c298a4acc67c95f27d29a96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33645f814144ba5aecb4a3750ae619fbcddecaf7fbfb4c4cf842ff10d20cb0d7
35576be509080878428d8e25359c712735a23db97d00e98848c79335f60d0278
358a6fb3a6bbdcfd11f73307f4b23453770b4e1a0d49205d240fe4ca4593733f
35c73f9c2955390a1ff1e4caf89302da9fd3759caac58aeab47491f238c2e8d6
3610fbeb2f26d2bd4c960cc760fc557cd9252ca8414590d19d00a3b2ecb61ceb
3680ac311a8a337cbeceb7c1e4bd14e69940b8196571d296896be9a3b9a2cbd7
3766d93ee6f48931ccd1ebd736c77e4c1179925d456c9df26f13639e660ec4d2
37eee3142be6be85225cd65f4f91bc594881b692aba3f39dfdbb8f8de8624515
393e660d33c8d0ae580f2d9029cf6f412c556de3a876e6544cdd3c916898dded
3da855756d952f2de9bc25a89e94be01895d9bfa2618c715470bfe3c7bde650c
3dfe97f4a77c2c40074e1ba976547598ef1bc1f336d67b35217f68cc729b378a
3e3714acb99245a19cc356672f4ed934a595d4de49339a9e1cd10083026bd59a
3efe24ee7ab5d24740d7d930448575fe7c48e2596016736947cf303e97510bca
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fb10f8a991455ca0b954e257f094e8193b90ff67e2bc89c19a43751e8ba72e6
4035a1d0192c92fbc955e7a5d055531c7b95d45351554dcfd21fafc96dff0db3
41da60c464524b8fc1e51031fbd4ab37a315d68da0bfc60e753eb12805d9e814
41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400
429b80a45d2956c684096828b42a23397a043560a715efd33235abb25d21ea57
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c7595c7616f1d5a528c80e4732e1adc4206f31c1126a6b85546357b6f78881
4544acb7ac7d4390b2be6914690dbc8a6942bc49381cc34531f34438962dc813
4683d3f0458a208f4fef8bbccc7aa69b3a9108b1b37335fc2b268dc40bb30531
4776c46535052e39fc27cb2a91b9c759afc4541486e4ef8540287e308f3647ff
4893abac314a73d945f7a107e248483fe228399d3e59a1a16d283262da25aec0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dd48901c5ac994d3a55585090d55ac27a2d63278e6512e422d0dd4097d04afd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f165a5cc596ad4fdc6a35632841b126f1936e8c2d972f828a271f29940a908a
4f35375a39cd1a8f30f206cdc92c5eee630af8cb234a5099ffe0f89deccd5bee
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513342e963bb0813a28f9c6adeda4745f4fba680bc8947b60fa4ee52e15c4833
51b6309ada49254e25272f0a5855f9b151c1ef6908a5d4717f0bdfb767364d9c
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54aa1201cd6dba8c88cb7ddf7d64db3e1f92a7014b7d3d9697a264dc8c3c2656
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf
561747fbaee4ab8fc34641af932e2697eabd08ba310039414f10162ea58edee8
561e2b40a325b2f41cadcc46fa73314b536cbacf5e626134dd7b3c787247d3b3
5786cb29a5fc0b680709e71c8e318d4d751bf24e207689214db9e2638b04e5eb
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
5aef26df73dd11e9d8503ca9343209f3299b0779edfc9f0aa062414ba567ff46
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5ccce6782372362d3dcbcec3883b063b9977e7eb36656fca90c4ffda621d7216
5d25b73ed4010f9278e6b31c3d686b01745e63a806cbebb183c1b41a83ea63b9
5d404588d4854e9e54155c95dadbea51a7536d04bfdc3f4d10d69250433c253e
5d6b8af7425984c2b2e0fed1769c446ad58d41de60746619aa04c1d78713ba13
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e3ba50735e39b68f1b1fee83e1925282766044ea5d671b764ed4a1dc04489b6
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61d495d8536f5fe622fd3d8f38e49157575fa6089a1af7f214f94f6eb8c1ec51
65811929ff85715160ca21d13ddbebac0d3e4a1bf9ede506845b9d7181327377
66c53c50b033ac5fd2a9ee8ba13bc3d9df5af078bd440a05a4b0973648a7a224
675ed6c8b6651c2fa81d779adfab9c6b20b19e76e49651b1e3487a68887f22d3
67dc9453b3e8a58b6d91193b4866a2294cc3932d7f3d54c5ae417fb35d4e9967
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afc129e9a01d2e26245157dd83c234c868d38f9a9920936264db79c3c87645b
6b2e634aa420c8d558ab6fc13942c11617f3e834464e28a2a2737c2ae3ac5335
6d5be1cf7ed69b3f27646a39b4e8c9afac4a13ce6fbedf33404a3e969d24e798
7322be1a646dc7926df55b582bde674155f48591788822f87906b4c20903c65a
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75a7261e493f6af3897e2f445a82ac859105c1d257fd0f7f22fbc3a2a947c9cc
767a2699978d5f976aad931075245e00e525bb26cbc9699148f0ee81791b628f
76a07adcb6d4d762c8c401ca6e79d13e21310e902c60d20765d7c553715cd202
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
78d00d28d5e9614aabd17c85e08b0f3048d26bdc9d263fd503bf78a470d393cb
7a59572ff910006171a796b3e6f25ae1f052f4bd5d9f0fd635722c01649122e8
7a8fee0a8096e3de089202f91f26ec7a5fdf7aa08106b35a8e5bc39fbcd978c2
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7c550d9f72981285b0e952f600632a0a7e84652f59a2fe5c3ceaf436ed1948c5
7d0a4d8961da84b2fedb041cdd3604453070081e9476d9d93664ecc1f27b9a1c
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
80519b748f4b8535d7d0be4f67ff397bfadf10580f2fabd6eb79fbc608565159
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8477899c5bc12b892506084c53e431f8ee7f9cb8d00f547bc059592691a65330
859a299f6ba1ab8b2f235363828f6f3185e86505e12183832acb764b3ac0029c
859cfce2963648b03c58c353f1b2d5246c7b619758f9c8c07d5cfd89c0576972
860e4b944663ab48a4929f7f995379090822e06521ab6321612490be84de42fd
8776b5cb758f0a7841d6ed7e77a71167796aeae3658b91c79c0288b6a942e648
894be11fa6c36fb727c3d2bd899816290f93821908a0bf5bf0602151c49bb2fb
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8adb963c45cdf18bbe764f74326f688ab14f877cd7341bcc268a449377705c2c
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6
8be3ffe5523bec1b0c3336590a969ba5a8a9e93d879558ffe7157f17f248ecbf
8bf0667de0b6776d48dbcdf37a25e7e7e0f5d33df7c3b41d519fdd7ee61e50f2
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
8cda16e6e287633ea9fd666d52eb64f2bdb59b692600652f3a36c5bde473c171
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d894250fc001c899f2f8da3112454d9198b2fd5c3d4460054bf1f5a7db2f309
8d91995862fb6bfce55aeed1035c54c4e2f4c83eb0cfb01df6d711aa7d0e7ea4
8dcba7b2b2f675c472efc594b7be7cb28fa05157895d601882df91de4b6b8c9f
924f2fb8066b66f4c163d433908df4c2c997250c5146d8a210c917b3e334206f
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
9440bbc7e43fa576e1ca35a4f4c501a46115180d3d6ac3188965ebb711cfff68
95bc243a72e77a71d1fbde4e223184c8475155fa0eb3d672239910cd9b8e5277
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe
986a033d12c7403fa18201513e4396dba72e54e80e2f838b4222f2a8710ab6dd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fca8368b4c30000d57b8bd52eaeda6861af2404215bba179834621ec6b83e6
9c5348e4d76366efc13f2bcb5a5ce138e581e90d570a09d0ec66a8cab4920be6
9c7c1fa4f1cd4a94f5865e09ed103a1c208756cabd8be5d55b5dd704975adfd4
9c9e475d04f59873b52fb2512dfc901f441628235b82f9ed6a3e43b6ff360a82
9e1f1ef7172400a022ce88960359048cd55a49ec3774f52d4a1f4bcb59cddb20
9e263a42e214e343e1e18f6b0ab2d0dc57cecab21e1d481a3b3345ca918f4f67
9e28f989c45acf94de84baf9e08f9598c5d2c48d6c3f7b30d79be176676336a4
9efd00b2b6d9b02c9ce8001160f677d1b5a3ff8e4fa1c036d8a8b56c0631c524
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0192ca2b242aa948c52d4d21d0ba72fb05f69060d3fde28f8371f6a114f114a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e15b3008ff0758230aeed2aa0f561fe61082f59136c3ef7bbeaaf7c1eeb762
a394d231cf4239d223b519366211f838236e4a3c2b76037e013bf8dabd43a749
a48e3091c3e26309f1329bb7ee2812cf158deb93cd80fe6439e53e8d57e58d3d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7ae56c41706391dee29d763058beff0746e76c75605dfbe86d4752d43dbae51
a97d143f7e487a0fdf7a5231fb400eb21608b63ff1d5e2fe934caa94a60ccf85
aa1f5c79753ed4168ff0e27fdd56b67639889dec21fce1b28b0e2e0e5653f6ba
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af56d72208ae082fe8ac092b6d8b1f0c983ac57ee42f5f44727e5b648fdeec8b
af79dd310d71adf5f0029246a128d05ef367c49a6d3e27f87d27920e18ec3605
afa07ffd0316f93d7980df193475bb8348d83c74faaabdd445dddc288518f48d
b09a18afa6c958f20492e1605db0397d7d99ec116f324e668a56131b622beb1f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1862f17a2d14dea1495a8ac565c81ac5968141f53de5927bc79b92741d05587
b273893bf2b88f5a3144322a462363124a5608979cec217e87423e5964596aef
b29954a61fb85c954bc5b6128adb4ad258d27b18b43632f4a243a8ac97da0d86
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
b68a57ef12aa892428ab8cddf579df161ffdcf3ce08d043e722389bb822b413f
b73c021e58f6dd7800ef1baea88cf7d6884c8caa55448c9d2fa20acbac866d3e
b80e20c55ca6ced56a296c20d794c7bdd2baa6322102e970f20ad964f607a032
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
b86d04082bc03dd77a69851d3ee615b51b0ae6b0f0765c18b26bb3ef4d7f1ee1
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd3c0250cd975b10b17e636313de0c8abbf26bcca3cd51f4b9ba5289aea8ec7e
bef140a1a96994029153dca8c00b1750b9a5a764fb9db2dc68d7bb40e8a29e8a
c031263250d6665b2f7296052dad9c1f275f828aae55166d42a29e9c450c303b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2a8da951e5fb1bab994537110bb58a21ef5bc369f948c841d7d5b4f0cf22003
c3c54ff47290bfa569249f470660410315a7fa8282a0ac501bda19bba3068098
c3e760afd8b413ecb7bd30370d4e5e2bfd5a847e8dc2c0f0e39d7621eba92c4b
c56eb126bf9d0593a343577d1ad43c540682489de9c6f92398a9dec14de5a967
c5846a520d69c8f9800059b170da9718a5c2557b6f517b608ce7ff455940f9da
c5f4f0627b7e14e9557378d8c87d2628e2f4ed6234b95ee45f01ecfc53ad476d
c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a
c66afb28981d75b445d5d9d8341b9f6ece1c5bcf6efe7c7d72a74d8e3b9dc525
c6719049b4abb3e0fde4b147f5165c6cee4765594f2933d21c56e0069a008cc5
c78884ff0af71411e5255902b19d962505abe344daad6d523d6e3986d2ed2680
c799c70d3cae050e7292913344ed2b50f1646d2c30b82cf7a8d94497450ef587
c8b4d2c45268a19db7a754791b56dc60d49ae364f1ca58b0a5e172e961fd17d4
c91f49e3df6b9709de93f81591758f2a2bf13bbc542fe283b4d30ce97c070df2
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
caf9ba0c928dfb166f5f2adea37b154ead7462478f787e1e53ceeda27ae705e1
cbd1a970b98c920e5be1e77d2e3421f0382d398009e88ca7f5fd9e2f52c12541
cd40be7044447066cdf5b56767a13f3d75fbf041f82af86ed584b743556e5df6
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
ce8b3dc7792f065b336d3b71011510c4d4f5a385402f10436f821cdb6d8be2b7
cf5d69e59912ef4e959947c0b499323219d6431820f479878b28e6dc3423df13
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d3aa2e8f993b8fad5640426559006a1bf9fd8bc168098cab0d7a3d72d4086d6b
d4c930cf3b113474406d0e7401596df6b8aab4c0d805def0f0c23ad9cc758af6
d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791
d5e9645a277b6522f623130a70519cc50790466ea096e9b81f36a0f0f73e0d62
d67b75fa452095cd2bd0af0648a033192c404aa318b0c22377ecb2f0782f18be
d702945fb7bfbc9db41c4fec1d51089e521be82dce8261c54c9264b9b41c5c8c
daabe23174766d7adb0571cda0d9cc01d5ed490a1cc2872f72f0e9fabe89499a
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
db6dc3bc02be74485def19aac48f64b6ee44661b70ff8e8d71a4167a55aab291
dbafb4fa88edf10e79c8a8361b4eb2f365b5d5af700354e140af131ed2bcd208
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddda47b049ec774960fe39b5c0fca40c15abf80158daec17c8e29146d1d1c31e
df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05
e00373c9334f35c416fe7503a06319c15f5663991a8a7c511c9c7d98bf6e0232
e00b6494ed1f20fd79d438233767307905c04d6da43a9dfa72623b3dff435931
e0af4ed368c1e4e168b14916ed2c851b5e30393d0aae6927cd4022cbe9d46f2d
e2cfc5ee4e55ef850a3d79d800f56deb7ceb2cb11d8f6733450d34da4fd4e63f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5124e19529d1bab0b41651b7b3912e4b547a9a7345dc74b9c8d201b9903fa77
e5dc31e395e9ba0e7a32323c76212a27ca6321dc0e78c2f7e0e504d8de1ef010
e62a33aa8ce3b6670e2e0dac0f116ca4732b389be4d7033ffbb499b481554683
e6d45298b7301860d772fb2c1a7a7eb8460ce16e11cc306b549920b07a129366
eacf80a59970025a895879880b174f7ecca299b6de4ff8cc23d1a9a415e483f5
eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58
ec30ff8fa57c8addab76d43208f9607f485c0abd64b7dbccfa4e8e5a44b1fd57
ef0ad40fa45b9dc51f10ab7194105007b2f5cd260e7990ceaf27e51583ade9bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00187b9639c398589c0bac3632be00aff6822bdfd90ef5a9cf655c4796ca4f5
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a
f1038210fbb931b00eb5448b6433bff41d59925484996b802ecc82f89fa4fb66
f1639c853668f891e61b53b8585de074d841f934eb723f6ec3a3c05e75e92f76
f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
f7485e293d4aa2733983180b494810000dc3b99dd87e1b695f09af5503c85428
f8284365ba340253ee9c71cfb5efcc37f10a23e8b8b5dd134ec7bbab05073845
fa79b39de9e8642d83b281055cb5c154d6f6bac1308c216887dbb306ac3cabb8
fab481879e9b2ea0d82718242d3da2c28f577d2af05c643aeae8e75e8647b9eb
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684
fd8daa9185ee21208eec36103b532a995a7eb635e1b696cf384fb0392f0d40f6
fee3e6f2437e00d797b8118c7528aa0741ec6bb68ba2090c04182548d3b92aee

babesinhairland.com Open in urlscan Pro 192.124.249.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

771 Requests

88 %HTTPS

26 %IPv6

92 Domains

128 Subdomains

80 IPs

9 Countries

6735 kBTransfer

10653 kBSize

0 Cookies

41 Outgoing links

Redirected requests

771 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

babesinhairland.com Open in urlscan Pro
192.124.249.6 Public Scan

Screenshot
Live screenshot

Full Image

771
Requests

88 %
HTTPS

26 %
IPv6

92
Domains

128
Subdomains

80
IPs

9
Countries

6735 kB
Transfer

10653 kB
Size

0
Cookies

771 HTTP transactions
5 data transactions